Opened 11 years ago

Closed 11 years ago

#183 closed enhancement (fixed)

externe interface edge nodes

Reported by: richardvm Owned by: nobody
Priority: major Milestone: WL-9.0-RELEASE
Keywords: Cc:
Resource needed to fix:

Description

externe interface van edge nodes met publieke en private ip adressen kunnen nog niet goed natten.

HybridWatertoren3# pfctl -s nat
<knip>
nat on vr0 inet proto tcp from 172.16.0.0/12 to ! 172.16.0.0/12 port = http -> (vr0) round-robin
nat on vr0 inet proto tcp from 172.16.0.0/12 to ! 172.16.0.0/12 port = https -> (vr0) round-robin
<knip>

Als de externe interface (vr) ook een private range ip heeft wordt in 50 % van de gevallen het private ip gekozen om mee te natten.

11:50:24.726583 IP 92.66.227.164.50713 > 173.194.78.94.80: Flags ., ack 4850, win 7767, options [nop,nop,TS val 56433271 ecr 1999451180], length 0
11:50:24.729737 IP 92.66.227.164.50713 > 173.194.78.94.80: Flags ., ack 7686, win 7433, options [nop,nop,TS val 56433272 ecr 1999451180], length 0
11:50:24.730676 IP 92.66.227.164.50713 > 173.194.78.94.80: Flags ., ack 10364, win 7108, options [nop,nop,TS val 56433272 ecr 1999451180], length 0
11:50:24.732274 IP 92.66.227.164.50713 > 173.194.78.94.80: Flags ., ack 13200, win 6765, options [nop,nop,TS val 56433273 ecr 1999451180], length 0
11:50:24.736395 IP 92.66.227.164.50713 > 173.194.78.94.80: Flags ., ack 13200, win 7159, options [nop,nop,TS val 56433274 ecr 1999451180], length 0
11:50:24.736730 IP 92.66.227.164.50713 > 173.194.78.94.80: Flags ., ack 13200, win 7543, options [nop,nop,TS val 56433274 ecr 1999451180], length 0
11:50:24.736929 IP 92.66.227.164.50713 > 173.194.78.94.80: Flags ., ack 13200, win 7927, options [nop,nop,TS val 56433274 ecr 1999451180], length 0
11:50:24.737277 IP 92.66.227.164.50713 > 173.194.78.94.80: Flags ., ack 13200, win 8311, options [nop,nop,TS val 56433274 ecr 1999451180], length 0
11:50:36.490731 IP 172.25.90.68.63223 > 173.194.78.94.80: Flags [S], seq 4056275168, win 65535, options [mss 1460,sackOK,eol], length 0
11:50:39.691346 IP 172.25.90.68.63223 > 173.194.78.94.80: Flags [S], seq 4056275168, win 65535, options [mss 1460,sackOK,eol], length 0
11:50:42.892042 IP 172.25.90.68.63223 > 173.194.78.94.80: Flags [S], seq 4056275168, win 65535, options [mss 1460,sackOK,eol], length 0
11:50:49.093340 IP 172.25.90.68.63223 > 173.194.78.94.80: Flags [S], seq 4056275168, win 65535, options [mss 1460,sackOK,eol], length 0
11:51:01.295952 IP 172.25.90.68.63223 > 173.194.78.94.80: Flags [S], seq 4056275168, win 65535, options [mss 1460,sackOK,eol], length 0

Change History (3)

comment:1 by rick, 11 years ago

goeie; zet vr0:0 ipv vr0 en het opgelost, als de externe eerst is. ik had gformat al aangepast, zodat die de externe altijd eerst zet.

comment:2 by richardvm, 11 years ago

Gaat niet goed denk ik.

externe interface is statisch gedefinieerd in een file die buiten gformat valt:
http://svn.wirelessleiden.nl/svn/code/hybrid/branches/releng-9.0/nanobsd/files/etc/pf.hybrid.conf

comment:3 by rick, 11 years ago

Resolution: fixed
Status: newclosed

In 10898/hybrid:

Error: Processor CommitTicketReference failed
Unsupported version control system "svn": No module named 'svn'
Note: See TracTickets for help on using tickets.