Add route on OpenBSD for DSL modem on external network

0

I'd like to be able to access my DSL modem, which is acting as a bridge, from within my local network. I've got a setup like this:

{Local network 192.168.1/24}
          |
   rl0:192.168.1.250  
   [OpenBSD Router]
        rl1:up 
       tun0:pppoe
           | 
   [Bridge DSL modem IP:192.168.1.254]
           |
       {Internet}

I'd like to access the Bridge. To do this, I'd expect to have to give rl1 an address (i.e. ifconfig rl1 192.168.1.249) and then add a route (i.e. route add 192.168.1.254/32 -ifp rl1). I've done the first part, i.e. add the router address. The relevant bit of the ifconfig on the router returns:

rl0: flags=8843 mtu 1500
        lladdr 00:20:18:dc:e3:d9
        priority: 0
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet 192.168.1.250 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::220:18ff:fedc:e3d9%rl0 prefixlen 64 scopeid 0x1
rl1: flags=8843 mtu 1500
        lladdr 00:30:f1:16:28:2a
        priority: 0
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet6 fe80::230:f1ff:fe16:282a%rl1 prefixlen 64 scopeid 0x2
        inet 192.168.1.249 netmask 0xffffff00 broadcast 192.168.1.255
tun0: flags=8051 mtu 2048
        priority: 0
        groups: tun egress
        media: Ethernet autoselect
        status: active
        inet a.b.c.d --> w.x.y.z netmask 0xffffffff

However, I do not know the correct command to add a route for 192.168.1.252/32 through the router. I've tried a lot of variants of route add ***, to no avail.

Incidentally, the router (a Speedtouch) ought to also respond on IP address 10.0.0.138.

I'd be much obliged for any input and suggestions.

Thank you.

Brian

networking
router
routing
openbsd
asked on Server Fault Sep 1, 2010 by Brian M. Hunt

2 Answers

1

I have a similar configuration that works flawlessly. Here are my recommendations:

  1. rl1 and the IP of your DSL modem should be in a DIFFERENT subnet than that of your LAN.
  2. Don’t use tun. man 4 pppoe. It works better, is more efficient and is far easier to configure.
  3. NATting the traffic that leaves rl1 is easier than routing—it’ll allow your LAN clients to easily access the DSL modem without requiring a route on the modem and without allowing the modem access to your LAN (from a firewall perspective). The following is the relevant part of my pf.conf (in your case, you can replace $aux_ether_if with rl1 and $int_80211_if with rl0):

match out on $aux_ether_if from $int_80211_if:network to $aux_ether_if:network nat-to $aux_ether_if

pass out on $aux_ether_if

Hope this helps.

answered on Server Fault Sep 1, 2010 by (unknown user)
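
Point 1 of the answer above, as an added example that is not part of the original answers: with rl0 and rl1 both configured in 192.168.1.0/24, the modem's address falls inside the connected network of both interfaces. The Python check below parses ifconfig-style output and flags such overlaps; the `FIXED` layout, with rl1 at 10.0.0.1/24 next to the modem's 10.0.0.138 address, is an assumed addressing plan.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample: interface and inet lines from the question's ifconfig output.
CURRENT = """\
rl0: flags=8843 mtu 1500
        inet 192.168.1.250 netmask 0xffffff00 broadcast 192.168.1.255
rl1: flags=8843 mtu 1500
        inet6 fe80::230:f1ff:fe16:282a%rl1 prefixlen 64 scopeid 0x2
        inet 192.168.1.249 netmask 0xffffff00 broadcast 192.168.1.255
"""
# Constructed sample: same router with rl1 moved to an assumed 10.0.0.1/24.
FIXED = """\
rl0: flags=8843 mtu 1500
        inet 192.168.1.250 netmask 0xffffff00 broadcast 192.168.1.255
rl1: flags=8843 mtu 1500
        inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
"""

IF_RE = re.compile(r"^(\w+): flags=")
INET_RE = re.compile(r"^\s+inet (\d+\.\d+\.\d+\.\d+) netmask (0x[0-9a-fA-F]{8})\b")

def parse_ifconfig(text):
    """Return [(ifname, IPv4Interface)] for each IPv4 line with a hex netmask."""
    result, current = [], None
    for line in text.splitlines():
        m = IF_RE.match(line)
        if m:
            current = m.group(1)
            continue
        m = INET_RE.match(line)
        if m and current:
            # OpenBSD prints the mask as hex; count set bits to get the prefix length.
            prefixlen = bin(int(m.group(2), 16)).count("1")
            result.append((current, ipaddress.ip_interface(f"{m.group(1)}/{prefixlen}")))
    return result

def overlapping(ifaces):
    """Pairs of different interfaces whose connected networks overlap."""
    return [(a, b, str(na.network), str(nb.network))
            for (a, na), (b, nb) in combinations(ifaces, 2)
            if a != b and na.network.overlaps(nb.network)]

def on_link_interfaces(ifaces, target_ip):
    """Interfaces whose connected network contains target_ip."""
    ip = ipaddress.ip_address(target_ip)
    return [name for name, iface in ifaces if ip in iface.network]
```
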
0

If your OpenBSD server has the interfaces bridged, then you don't need to give it an address on rl1. Its clients should be set up to have their default gateway as 192.168.1.254. They will then access your DSL modem for the Internet.

I am not sure why you have a pppoe tunnel device as that should be handled by the DSL router.

Edit:

You will need to configure the BSD machine to proxy the address on rl0 and pass the data back and forth. One way or another it will need to bridge traffic between the two interfaces. Normally I would use 182.168.2.0 or some other pool on the rl0 side. Then configure the OpenBSD machine as the default router for that network, NATing all traffic. If it has the DSL modem as its default router all should be well. However, either the DSL modem or OpenBSD system will need to NAT the addresses going out on the ISP side. I would expect the DSL modem to do this for you.

answered on Server Fault Sep 1, 2010 by BillThor • edited Sep 1, 2010 by BillThor

User contributions licensed under CC BY-SA 3.0