From: "Amin Abdul"
To: freebsd-questions@freebsd.org
Date: Tue, 25 Nov 2003 22:09:10 +0000
Subject: VPN(touch-ID)/gif0/Dynamic Routing Issue

Hello,

I have a few questions regarding dynamic routing (i.e. routed) and the gif0 interface. I went through the following documents:

http://www.freebsd.org/handbook/ipsec.html
http://asherah.dyndns.org/~josh/ipsec-howto.txt

and followed these steps:

1. Configured the gif0 interface using the www.freebsd.org/handbook/ipsec.html diagram as reference; it works fine (tested by ping).

2. Configured IPSec in transport mode (since I am interested in forwarding dynamic routing information over a point-to-point VPN) using the draft-touch-ipsec-vpn approach, i.e.:

   IPSec policy

    spdadd A.B.C.D W.X.Y.Z any -P out ipsec esp/transport//use;
    spdadd W.X.Y.Z A.B.C.D any -P in ipsec esp/transport//use;

   It works fine (ping test).

3. Then I started "routed" with the "-s" option. I never saw any routing information flow through the VPN (tcpdump).

4. So I disabled IPSec and tried again, but I still saw no routing information over the VPN (tcpdump).

5. So I disabled the gif0 interface as well, and I saw the RIP packets exchanged between the two FreeBSD machines.

Summary:

1. routed works fine without the gif0 interface.
2. VPN works fine without routed.

Question:

Now my questions are:

1. Is there any incompatibility (or known bug) between routed and the gif0 interface (I am using FreeBSD 4.8 Release)?
2. Is there any FreeBSD document which describes how to configure gif0 and routed together?

Thanks,
Amin