Date: Tue, 7 Jun 2005 17:56:14 +0930 From: Greg 'groggy' Lehey <grog@FreeBSD.org> To: FreeBSD Questions <questions@FreeBSD.org> Subject: Problems with gif tunnels Message-ID: <20050607082614.GA64194@wantadilla.lemis.com>
next in thread | raw e-mail | index | archive | help
--Ul2mxMk0z4RYCW0d
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I've just installed an ADSL line, and I'm trying to route a class C
network. For some reason the ISP does this kind of routing via a GRE
tunnel, and I'm having the devil's own job getting it to work. Here's
the current situation:
1. ADSL line is up and running. I have a /30 with the following
addresses:
150.101.14.9 gateway address
150.101.14.10 local address
2. To this line, I want to install a tunnel for 192.109.197.0/24.
The ISP tells me to set up a tunnel between the local address
(150.101.14.10) and their tunnel address 203.16.215.227.
According to recent (5.x) documentation, this should be done with:
ifconfig gif0 tunnel 150.101.14.10 203.16.215.227 up
3. Obviously I also need to have IP forwarding enabled.
So I do all this and get:
=20
xl0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=3D9<RXCSUM,VLAN_MTU>
inet 192.109.197.143 netmask 0xffffff00 broadcast 192.109.197.255
inet6 fe80::204:75ff:fefa:a80%xl0 prefixlen 64 scopeid 0x1=20
ether 00:04:75:fa:0a:80
media: Ethernet autoselect (10baseT/UTP)
status: active
rl0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=3D8<VLAN_MTU>
inet6 fe80::202:44ff:fe59:7076%rl0 prefixlen 64 scopeid 0x2=20
inet 150.101.14.10 netmask 0xfffffffc broadcast 150.101.14.11
ether 00:02:44:59:70:76
media: Ethernet autoselect (10baseT/UTP)
status: active
gif0: flags=3D8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1452
tunnel inet 150.101.14.10 --> 203.16.215.227
inet6 fe80::204:75ff:fefa:a80%gif0 prefixlen 64 scopeid 0x5=20
=20
Destination Gateway Flags Refs Use Netif Expire
default 150.101.14.9 UGS 0 7 rl0
150.101.14.8/30 link#2 UC 0 0 rl0
150.101.14.9 00:90:1a:40:09:98 UHLW 2 2 rl0 903
192.109.197 link#1 UC 0 0 xl0
192.109.197.135 00:10:4b:66:1e:e9 UHLW 0 6757 xl0 1056
192.109.197.137 00:50:da:cf:07:35 UHLW 0 99336 xl0 1188
192.109.197.255 ff:ff:ff:ff:ff:ff UHLWb 0 34521 xl0
203.16.215.227 150.101.14.9 UGHS 1 4 rl0
net.inet.ip.forwarding: 1
I then get somebody from the other end to ping me:
17:49:10.228597 IP 203.16.215.227 > 150.101.14.10: IP 192.83.231.16 > 192=
.109.197.145: icmp 64: echo request seq 6908
17:49:11.229188 IP 203.16.215.227 > 150.101.14.10: IP 192.83.231.16 > 192=
.109.197.145: icmp 64: echo request seq 6909
But that's all. Nothing goes out. I've tried this on different
systems, and I know somebody else who is using what looks like an
identical configuration with this ISP, and it works fine. I've tried
different systems, one and two NICs, 4.x and 5.x, all with the same
(non)result. What am I missing?
Greg
--
The virus contained in this message was not detected.
When replying to this message, please copy the original recipients.
If you don't, I may ignore the reply or reply to the original recipients.
For more information, see http://www.lemis.com/questions.html
Finger grog@FreeBSD.org for PGP public key.
See complete headers for address and phone numbers.
--Ul2mxMk0z4RYCW0d
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)
iD8DBQFCpVomIubykFB6QiMRAqPDAJ0SKrg5JWZOqh0HamW3TqdeZLfdzQCglgt2
bWNrnaSt3U6HAirlm5Cgbyw=
=k7Hm
-----END PGP SIGNATURE-----
--Ul2mxMk0z4RYCW0d--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050607082614.GA64194>