Route Question

From: Dan Bent (dbent_at_benefit-systems.com)
Date: 01/30/04 

Date: 30 Jan 2004 00:50:29 -0800

I've got a problem I've never seen, and I'm not even sure where to ask
the question, or what information to provide, so bear with me. I have
a firewall running OpenBSD 3.4, and a web server running FreeBSD 4.9.
The firewall's internal interface ia 10.0.1.254. The web server is
10.0.1.251. I can ping and traceroute to the 10.0.1.251 box from
machines inside the firewall, and I get normally expected results
(quick pings, and a route directly to 10.0.1.251). However, when I
traceroute to 10.0.1.251 from the firewall (10.0.1.254), it seems to
get hung up trying to get there through the localhost.

$ traceroute 10.0.1.251
traceroute to 10.0.1.251 (10.0.1.251), 64 hops max, 40 byte packets
 1 localhost (127.0.0.1) 0.745 ms 0.618 ms 0.235 ms
 2 localhost (127.0.0.1) 0.620 ms 0.642 ms 0.400 ms
 3 localhost (127.0.0.1) 0.507 ms 0.735 ms 0.494 ms
 4 localhost (127.0.0.1) 0.614 ms 0.859 ms 0.402 ms
 5 localhost (127.0.0.1) 0.477 ms 0.947 ms 0.681 ms
 6 localhost (127.0.0.1) 0.767 ms 1.8 ms 0.857 ms
 7 localhost (127.0.0.1) 1.13 ms 1.142 ms 0.904 ms
 8 localhost (127.0.0.1) 0.974 ms 1.164 ms^C

Routing table on firewall looks like this:
$ route show
Routing tables

Internet:
Destination Gateway Flags
default 204.128.254.254 UG
10.0.1.0 link#2 U
10.0.1.1 0:60:b0:4a:79:eb UH
10.0.1.6 0:30:6e:13:b6:bc UH
10.0.1.19 2:7:1:1c:5c:32 UH
10.0.1.23 0:4:76:f2:82:89 UH
10.0.1.45 0:1:3:c4:81:0 UH
10.0.1.73 0:4:76:b7:1f:b5 UH
gate localhost UGH
10.0.1.254 0:40:ca:19:dc:84 UH
127.0.0.0 localhost UG
localhost localhost UH
204.128.254.128 link#1 U
www 0:1:2:3b:8:47 UH
204.128.254.254 0:d0:58:a3:b2:b1 UH
BASE-ADDRESS.MCA localhost U

Why is that happening? Where should I look to correct it?
Thanks in advance.

Relevant Pages

  • Re: routing
    ... That's a known server on Internet; the one hosting www.tldp.org and it does ... That means that your routing host is unable to reach Internet. ... Not ping but connect by ssh. ... Is there any firewall on host1? ...
    (Debian-User)
  • ipsec vpn - gif_if connection problem
    ... the GENERIC kernel plus: ... I thought it's a routing problem but I didn't see anything weird; ... then I turned to the firewall and I disabled it but with no effect. ... but if I ping the internal IP of any machine from the other one, ...
    (freebsd-questions)
  • Re: System hanging when two network cards are active
    ... |> Ping might be disabled by your firewall setup script, ... |> and/or routing is bogus. ...
    (comp.os.linux.networking)
  • Re: Apache 1.3 Problems
    ... Did the server restart at all and if so are the ... >>>Sounds like a firewall issue. ... >> shows any tcp packets at all getting through except when lynx is run ... Can you show us a 'traceroute bbrb-isp.Stanford.EDU' from your machine? ...
    (freebsd-questions)
  • Re: tracert from A to B dies just before reaching B -- and vice versa?
    ... traceroute died just before reaching 67.43.158.218. ... the default is to use UDP packets. ... come as a surprise to you, but neither ICMP or UDP is used for SSH ... Dozens of explanations - most probably is the fact that firewall rules ...
    (comp.os.linux.networking)