 From:  Paul Dugas <paul at dugas dot cc>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  zero-bit subnet
 Date:  Thu, 27 Apr 2006 00:24:49 -0400
Here's a weird one...  I'm working to get an ISP-supplied DSL modem/router
out of the path between my m0n0 and the Internet.  The router has an AP
in it that I want to use so I'm reluctant to put it in bridge mode, as
that would disable the AP.  I've also learned that their "default
server" NAT option only supports TCP and UDP and was the cause of my
earlier PPTP tunnel issues (no GRE).  Tonight, I switched the router
into what Netopia calls "IP passthrough".

Physically, things look like so:

  {LAN} <-> [m0n0] <-> {DMZ} <-> [netopia] <-DSL-> {ISP}

The [netopia] gets a static address from the ISP.  In "IP pass-through"
mode, *all* IP traffic that hits the [netopia] WAN interface gets
forwarded to the same IP on the {DMZ}.  I have the m0n0 box using that
address for its WAN and it mostly works.  But not 100%.

It seems the WAN interface of the netopia is getting assigned an address
with a netmask.  I need to set the WAN side of the [m0n0] box to
match.  I can't enter a 0-bit mask into m0n0's WAN screen.  As a result,
I think I am getting access to half of the Internet, addresses with a
first octet under 128.  (I'm sleepy so this analysis may be flawed).

Any ideas on how to fix this?

Paul Dugas, Computer Engineer                Dugas Enterprises, LLC
paul at dugas dot cc        phone: 404-932-1355     522 Black Canyon Park
http://dugas.cc        fax: 866-751-6494     Canton, GA 30114 USA
On site at GDOT's W.Annex, 404-463-2860 x199
This e-mail and any attachments are confidential.  If you receive
this message in error or are not the intended recipient, you should
not retain, distribute, disclose or use any of this information and
you should destroy the e-mail and any attachments or copies.