| Author |
Message |
Dave Uhring
*nix forums Guru
Joined: 02 Mar 2005
Posts: 973
|
 Posted: Fri Apr 01, 2005 7:02 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
On Fri, 01 Apr 2005 12:12:51 -0800, adiavr@gmail.com wrote:
Separate subnets normally are assigned to separate NICs, which should
prevent the phenomenon you posted about.
| Quote: | I'm running an OpenVPN server on 192.168.215.252
|
I have never messed with such. I do all my remote admin work over ssh. |
|
| Back to top |
|
 |
adiavr@gmail.com
*nix forums beginner
Joined: 23 Mar 2005
Posts: 9
|
| Posted: Fri Apr 01, 2005 6:12 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
Care to explain? I'm running an OpenVPN server on 192.168.215.252
which also has an external interface. This way clients coming in
through VPN get routed through the VPN server then the gateway then to
local PC's which then send packets back the same way.
If I had the VPN server on 192.168.0.x, packets sent TO 192.168.0.x
from VPN would just get sent directly through the VPN's interface but
packets sent FROM 192.168.0.x would go first to the gateway then to the
VPN server and I couldn't get anything working. |
|
| Back to top |
|
|
adiavr@gmail.com
*nix forums beginner
Joined: 23 Mar 2005
Posts: 9
|
| Posted: Fri Apr 01, 2005 5:21 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
Here's the interface in question
rl2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:11:2f:c6:cc:44
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
inet6 fe80::211:2fff:fec6:cc44%rl2 prefixlen 64 scopeid 0x3
inet 192.168.215.254 netmask 0xffffff00 broadcast
192.168.215.255 |
|
| Back to top |
|
|
Dave Uhring
*nix forums Guru
Joined: 02 Mar 2005
Posts: 973
|
| Posted: Fri Apr 01, 2005 12:22 am Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
On Thu, 31 Mar 2005 19:51:39 -0600, John McGrail wrote:
| Quote: | run the command
ifconfig -a
on the OpenBSD gateway and post the output ...
|
Don't you mean
# ifconfig -A |
|
| Back to top |
|
|
John McGrail
*nix forums beginner
Joined: 23 Feb 2005
Posts: 22
|
| Posted: Thu Mar 31, 2005 11:51 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
On 2005-03-29, adiavr@gmail.com <adiavr@gmail.com> wrote:
| Quote: | Our OpenBSD gateway has an IP address of 192.168.0.254. Recently I
added an alias on the interface for 192.168.215.254. Now everytime I
do a traceroute from a computer sitting on 192.168.0.x (which has
default gateway 192.168.0.254), the firewall returns the
192.168.215.254 first hop address. Any idea what causes this?
run the command |
ifconfig -a
on the OpenBSD gateway and post the output ...
--
ratfood@food.skaterat.net
All foods should be removed to reply |
|
| Back to top |
|
|
Dave Uhring
*nix forums Guru
Joined: 02 Mar 2005
Posts: 973
|
| Posted: Thu Mar 31, 2005 11:05 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
On Thu, 31 Mar 2005 15:43:36 -0800, adiavr@gmail.com wrote:
| Quote: | I can't see anything wrong with that.
|
Except for the fact that you put two different networks onto the same
network interface.
Is that your idea of "security"? |
|
| Back to top |
|
|
adiavr@gmail.com
*nix forums beginner
Joined: 23 Mar 2005
Posts: 9
|
| Posted: Thu Mar 31, 2005 9:43 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
It does not matter indeed, I just found it weird. Connectivity works
fine.
These are some of the entries in the routing table on the OpenBSD box:
Destination Gateway Flags Refs Use Mtu
Interface
192.168.0/24 link#3 UC 54 0 -
rl2
192.168.215/24 link#3 UC 2 0 -
rl2
192.168.215.1 link#3 UHRLc 0 63 -
rl2
192.168.215.252 0:11:d8:36:38:fa UHLc 1 5360 -
rl2
192.168.215.254 127.0.0.1 UGHS 0 508 33224
lo0
I can't see anything wrong with that. |
|
| Back to top |
|
|
Dave Uhring
*nix forums Guru
Joined: 02 Mar 2005
Posts: 973
|
| Posted: Thu Mar 31, 2005 5:18 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
On Thu, 31 Mar 2005 10:32:55 -0800, bradmbreer@yahoo.com wrote:
| Quote: | How the windows "discovered" the 192.168.225.254 was via the ICMP TTL
message from traceroute.
|
It appears that OpenBSD-3.6 does indeed use the aliased address to send
that message. The anomaly occurs using not only Windose but Solaris,
Linux and OpenBSD, too. |
|
| Back to top |
|
|
bradmbreer@yahoo.com
*nix forums beginner
Joined: 30 Mar 2005
Posts: 13
|
| Posted: Thu Mar 31, 2005 4:32 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
Obviously if the Windows box is receiving responses from the traceroute
there is an entry for the 192.168.0.0/24 network in the routing table
on the openbsd gateway.
There's is nothing wrong with the 255.255.255.255 in the Windows
routing table. The windows box would never arp for the mac address of
192.168.215.254 because it's on a different network. When the windows
box does the adjacency test on the 192.168.215.254 address it realizes
it's on a different network and knows that it must send that packet to
its default gateway, so it arps for the mac address of it's default
gateway, 192.168.0.254.
How the windows "discovered" the 192.168.225.254 was via the ICMP TTL
message from traceroute.
Try giving the matter some more consideration. |
|
| Back to top |
|
|
Dave Uhring
*nix forums Guru
Joined: 02 Mar 2005
Posts: 973
|
| Posted: Thu Mar 31, 2005 4:07 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
On Thu, 31 Mar 2005 09:52:11 -0800, bradmbreer@yahoo.com wrote:
| Quote: | Any packet from 192.168.215.0/24 network (or any network for that
matter) gets to the 192.168.0.0/24 network through the openbsd gateway
the OP was talking about.
|
Not without a routing table entry having been generated for that route.
I have given the matter some more consideration and have come to the
conclusion that the problem really resides in that bogus 255.255.255.255
entry in the routing table. That entry permitted Windose to discover the
192.168.215.254 address and MAC through ARP.
Packets within a LAN do not use IP addresses, but rather MAC addresses and
because Windose associated the MAC address of the OpenBSD router with the
192.168.215.254 address that is what it reported.
No sane OS ever uses such a bogus routing table entry. I have 3 different
OSs on this LAN, none of them Windose:
Solaris 10:
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 192.168.0.7 U 1 473 hme0
224.0.0.0 192.168.0.7 U 1 0 hme0
default 192.168.0.1 UG 1 923
127.0.0.1 127.0.0.1 UH 16 811556 lo0
Slackware Linux:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
OpenBSD-3.6:
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Interface
default 192.168.0.1 UGS 1 132837 - fxp0
127/8 127.0.0.1 UGRS 0 0 33224 lo0
127.0.0.1 127.0.0.1 UH 3 1464 33224 lo0
192.168.0/24 link#1 UC 5 0 - fxp0
192.168.0.1 0:80:5f:9d:90:21 UHLc 1 0 - fxp0
192.168.0.3 0:a0:c9:b0:d0:69 UHLc 0 919 - fxp0
192.168.0.6 8:0:9:dc:b9:e0 UHLc 1 30636 - fxp0
192.168.0.7 8:0:20:b7:10:4e UHLc 2 95 - fxp0
192.168.0.9 127.0.0.1 UGHS 0 0 33224 lo0
192.168.0.101 0:d:88:1d:fb:8b UHLc 2 31 - fxp0
224/4 127.0.0.1 URS 0 0 33224 lo0 |
|
| Back to top |
|
|
bradmbreer@yahoo.com
*nix forums beginner
Joined: 30 Mar 2005
Posts: 13
|
| Posted: Thu Mar 31, 2005 4:04 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
a packet from 192.168.215.0/24 network (and any network for that
matter) gets to the 192.168.0.0/24 through the openbsd gateway that the
OP was talking about... |
|
| Back to top |
|
|
bradmbreer@yahoo.com
*nix forums beginner
Joined: 30 Mar 2005
Posts: 13
|
| Posted: Thu Mar 31, 2005 3:52 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
Any packet from 192.168.215.0/24 network (or any network for that
matter) gets to the 192.168.0.0/24 network through the openbsd gateway
the OP was talking about. |
|
| Back to top |
|
|
Dave Uhring
*nix forums Guru
Joined: 02 Mar 2005
Posts: 973
|
| Posted: Thu Mar 31, 2005 3:09 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
On Thu, 31 Mar 2005 08:35:11 -0800, bradmbreer@yahoo.com wrote:
| Quote: | If you undertsand how traceroute works this isn't really that
surprising. When the openbsd box is sending the ICMP TTL exceeded
message back to the windows box it's simply choosing to use
192.168.215.254 as its source IP address.
|
Really? The OP made no mention of changing his routing table. How does a
packet from the 192.168.215.0/24 network get to the 192.168.0.0/24
network? Of course the OP may have borked his netmask when aliasing that
interface, but otherwise your conjecture appears to be impossible. |
|
| Back to top |
|
|
bradmbreer@yahoo.com
*nix forums beginner
Joined: 30 Mar 2005
Posts: 13
|
| Posted: Thu Mar 31, 2005 2:35 pm Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
It doesn't need a route to 192.168.215.254. Windows boxes don't need to
know about every network. They only need to know how to get to the
network they are directly connected to and how to get to the router
(default gateway, openbsd box). The router will get its packet to any
remote network.
If you undertsand how traceroute works this isn't really that
surprising. When the openbsd box is sending the ICMP TTL exceeded
message back to the windows box it's simply choosing to use
192.168.215.254 as its source IP address. |
|
| Back to top |
|
|
Dave Uhring
*nix forums Guru
Joined: 02 Mar 2005
Posts: 973
|
| Posted: Thu Mar 31, 2005 11:59 am Post subject:
Re: OpenBSD box returning wrong IP
|
|
|
On Thu, 31 Mar 2005 04:07:52 -0800, bradmbreer@yahoo.com wrote:
| Quote: | Wrong, 192.168.0.255 is the directed broadcast for 192.168.0.0/24 while
255.255.255.255 is the limited broadcast. They are both in the routing
table that adiavr included.
Do you just make stuff up as you go along?
|
No, but Microsfot does. That Windose box has no other route to
192.168.215.254. |
|
| Back to top |
|
|
Google
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index
»
*nix
»
BSD
»
OpenBSD
