From owner-freebsd-net@FreeBSD.ORG  Wed Feb  3 09:35:30 2010
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F1BB31065676
	for <net@freebsd.org>; Wed,  3 Feb 2010 09:35:30 +0000 (UTC)
	(envelope-from qing.li@bluecoat.com)
Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28])
	by mx1.freebsd.org (Postfix) with ESMTP id D72968FC14
	for <net@freebsd.org>; Wed,  3 Feb 2010 09:35:30 +0000 (UTC)
Received: from bcs-mail03.internal.cacheflow.com ([10.2.2.95])
	by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id o139ZTnU023454;
	Wed, 3 Feb 2010 01:35:30 -0800 (PST)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 3 Feb 2010 01:35:17 -0800
Message-ID: <B583FBF374231F4A89607B4D08578A430682FE95@bcs-mail03.internal.cacheflow.com>
In-Reply-To: <201002030456.VAA00664@lariat.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Routing problems on VPN servers running FreeBSD  8.0-RELEASE 
Thread-Index: AcqkjVTBh7utfe7JSQiII+TTc34JjgAJAKxA
References: <201002030134.SAA28719@lariat.net>
	<B583FBF374231F4A89607B4D08578A430682FE1B@bcs-mail03.internal.cacheflow.com>
	<201002030456.VAA00664@lariat.net>
From: "Li, Qing" <qing.li@bluecoat.com>
To: "Brett Glass" <brett@lariat.net>, <net@freebsd.org>
Cc: 
Subject: RE: Routing problems on VPN servers running FreeBSD  8.0-RELEASE 
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Feb 2010 09:35:31 -0000

>
> The problems seem to be that (a) proxy ARP doesn't get set
> up in either the ARP table or the routing table, and=20
>

Proxy ARP entries are not installed into the routing table.

I believe I have fixed this issue in svn r201282 and merged=20
into 8-STABLE

http://svn.freebsd.org/viewvc/base?view=3Drevision&revision=3D201282

http://svn.freebsd.org/viewvc/base?view=3Drevision&revision=3D201614

The keyword "only", as documented in the manpage, requires a
host route to be present or else the proxy arp command will fail.
I can forward you an offline exchange I had with Juergen Lock
on this subject.

>
> (b) the PPP
> daemon can't create or destroy many of the routes that the
> connections need to work.
>

The above patch also include fixes for routing related problem as=20
you will note in the commit message, although I am uncertain if
your problems fall into this category.

>=20
> I can't believe that a version of a major operating system shipped
> without the ability to do PPP, but apparently that's the case!
>=20

Various users reported problems in the vpn/ppp area and those
were addressed before the release.

Given the diverse usage of the operating system, it's fair to say
that I try my best to perform the necessary test coverage, but
it's difficult to be inclusive of all scenarios.

In any case, I am here to work with you to resolve your issues
as quickly as I can.

-- Qing