[nycbug-talk] OpenBSD PF help

Okan Demirmen okan at demirmen.com
Wed Jun 13 15:17:10 EDT 2007

On Wed 2007.06.13 at 15:06 -0400, Barry Kominik wrote:
> > From what I see, you have some machines which don't use your router at
> > all.. What interface is the ip assigned to? Is that your
> > router or the colo?
> >
> > -jesse
> >
> the handoff network is connected to bge0
> The inside is connected to bge1
> The networks do not overlap. The firewall machine can access the
> internet fine. I get "ping: unknown host xxx.com". A tcpdump on the
> south interface, bge1, shows the packets going to the dns server. A
> dump on the north side, bge0, shows the request going out and the
> response coming back. The response never traverses the router. I have
> net.inet.ip.forwarding=1. pf is not running. Does the bge0 need to be
> in promiscuous mode in order to process the packets?

your first hint was when you did your bridging test; brian mentioned
what your isp needs to be doing; and 3rd, your tcpdump results.

you are *supposed* to have one 'connected' network and one 'routed'
network.  it seems that the latter is _not_ 'routed', but rather
'connected'.  talk to your isp.

