From: Archie Cobbs
Message-Id: <200008021826.LAA98525@bubba.whistle.com>
Subject: Re: Improved PPTP support for libalias(3)
In-Reply-To: from Julian Elischer at "Aug 2, 2000 10:36:55 am"
To: Julian Elischer
Date: Wed, 2 Aug 2000 11:26:38 -0700 (PDT)
Cc: Archie Cobbs, Ruslan Ermilov, Charles Mott, Erik Salander,
    net@FreeBSD.ORG, Brian Somers, Eivind Eklund

Julian Elischer writes:
> > Sorry, I don't understand your point... libalias already does this fine,
> > that's not the problem.
> >
> > The problem is that two internal clients connecting to the same
> > external server at the same time will result in two TCP connections
> > to the same server seeming to come from the same IP address, which
> > violates the protocol.
>
> you could do this using the ipfw 'forward' keyword,
> to redirect the streams from the clients to a proxy subprocess
> in the natd process, which would aggregate as needed onto a separate
> tcp stream it runs itself.
>
> I'm a little confused though. PPTP isn't running over
> TCP.. or are you indicating that the TCP streams under GRE
> are 'fiddled' by natd?

PPTP includes two components: a TCP control stream and a GRE transport
layer. A control stream corresponds one-to-one with a remote peer IP
address. Once a control stream is established, you may then establish
one or more actual calls.
Each of these calls gets a unique Call ID (unique to the control stream).
The whole thing is predicated on there only being ONE control stream
for each pair of servers.

-Archie

___________________________________________________________________________
Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com
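
The one-control-stream-per-peer rule described in the message above, as an added example that is not part of the original message and is not libalias or PPTP implementation code. It is a simplified model: the struct and function names, the table size and the addresses are all constructed for illustration, and the NAT is assumed to give every internal client the same public source address.

```c
#include <stdint.h>
#include <stdio.h>
#define MAX_PEERS 8
#define NAT_PUBLIC_IP 0xC0000201u /* 192.0.2.1, constructed address */

/* Simplified model: one control stream per remote peer IP address. */
struct ctrl_stream {
    uint32_t peer_ip;      /* address the peer appears to come from */
    uint16_t next_call_id; /* Call IDs are unique only within this stream */
};
struct pptp_endpoint {
    struct ctrl_stream streams[MAX_PEERS];
    int count;
};

/* Returns the stream index, or -1 when peer_ip already has a control
 * stream (or the table is full). */
static int open_control(struct pptp_endpoint *ep, uint32_t peer_ip)
{
    for (int i = 0; i < ep->count; i++)
        if (ep->streams[i].peer_ip == peer_ip)
            return -1;
    if (ep->count == MAX_PEERS)
        return -1;
    ep->streams[ep->count].peer_ip = peer_ip;
    ep->streams[ep->count].next_call_id = 1;
    return ep->count++;
}

/* Allocates the next Call ID on one control stream. */
static uint16_t place_call(struct pptp_endpoint *ep, int stream)
{
    return ep->streams[stream].next_call_id++;
}

/* Assumed NAT behaviour: every internal client leaves with one public address. */
static uint32_t nat_source(uint32_t internal_ip)
{
    (void)internal_ip;
    return NAT_PUBLIC_IP;
}

int main(void)
{
    struct pptp_endpoint server = { .count = 0 };
    int a = open_control(&server, nat_source(0x0A000002u)); /* 10.0.0.2 */
    int b = open_control(&server, nat_source(0x0A000003u)); /* 10.0.0.3 */
    printf("client A: stream %d, client B: stream %d (-1 = conflict)\n", a, b);
    printf("first Call ID on A: %u\n", (unsigned)place_call(&server, a));
    return 0;
}
```

Without the NAT step the two clients get separate control streams, and each stream hands out its own Call ID 1; behind the NAT the second client collides with the first because the model's peer key is the source address alone.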