Date: Mon, 27 Jan 2003 21:03:22 +0700
From: budsz <budsz@kumprang.or.id>
To: freebsd-stable@FreeBSD.ORG
Subject: Tunnel
Message-ID: <20030127140322.GA52281@kumprang.or.id>

Hi,

I've tried a tunnel on a FreeBSD STABLE box; I started with this URL:

http://www.ezunix.org/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=5&page=1

I have two interfaces in that machine, 'wi0' and 'xl0'; wi0 links to my ISP
and xl0 links to my local net. My ifconfig output looks like:

router# ifconfig -a
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 202.143.103.229 netmask 0xfffffff0 broadcast 202.143.103.239
        inet6 fe80::260:97ff:fedc:f02e%xl0 prefixlen 64 scopeid 0x1
        inet 202.143.103.225 netmask 0xffffffff broadcast 202.143.103.225
        ether 00:60:97:dc:f0:2e
        media: Ethernet autoselect (10baseT/UTP)
        status: active
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
wi0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 202.143.98.250 netmask 0xfffffffc broadcast 202.143.98.251
        inet6 fe80::202:2dff:fe2d:228b%wi0 prefixlen 64 scopeid 0x5
        ether 00:02:2d:2d:22:8b
        media: IEEE 802.11 Wireless Ethernet autoselect (DS/11Mbps)
        status: associated
        ssid terasnet-09 1:terasnet-09
        stationname kumprang
        channel 2 authmode OPEN powersavemode OFF powersavesleep 100
        wepmode MIXED weptxkey 1
        wepkey 1:64-bit
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        tunnel inet 202.143.103.229 --> 213.253.1.201
        inet6 2001:618:4:2000::dde --> 2001:618:4:2000::ddd prefixlen 128
        inet6 fe80::260:97ff:fedc:f02e%gif0 prefixlen 64 scopeid 0x6

I used ipng.org.uk as the tunnel broker, so this is /etc/tunnel.conf:

# Account details
username=user
password=XXXXX
#host and port of tunnel server (5571 non ssl, 5572 ssl)
hostname=ipng.org.uk
port=5572
#interface containing the tunnel endpoint ip and the tunnel interface name
local_interface=xl0
tunnel_interface=gif0
#remote tunnel ipv4 endpoint and tunnel ipv6 endpoints
#local_ip=<youip> - Only use this if you have a static address!
local_ip=202.143.103.229
remote_ip=213.253.1.201
local_endpoint=2001:618:4:2000::dde
remote_endpoint=2001:618:4:2000::ddd

I have the tunnel on the inside interface xl0 (202.143.103.229), and I run
tunnelc like:

router# ifconfig gif0 destroy
router# tunnelc
WARNING: Unable to verify Server Certificate
210 - OK TLS Session Established. DES-CBC3-SHA
200 - Tunnel Server 0.2.1 waiting.
201 - OK Now a password if you please.
202 - OK Password accepted. Welcome budsz
203 - OK Ip updated to 202.143.103.229
210 - OK If you insist. Bye.
add net default: gateway 2001:618:4:2000::ddd
Tunnel(gif0) created

For ipf.rules and ipf6.rules:

router# cat /etc/ipf.rules
pass in all
pass out all
router# cat /etc/ipf6.rules
pass in all
pass out all

So, I try to ping xl0:

router# ping6 2001:618:4:2000::dde
PING6(56=40+8+8 bytes) 2001:618:4:2000::dde --> 2001:618:4:2000::dde
16 bytes from 2001:618:4:2000::dde, icmp_seq=0 hlim=64 time=0.54 ms
16 bytes from 2001:618:4:2000::dde, icmp_seq=1 hlim=64 time=0.453 ms
^C
--- 2001:618:4:2000::dde ping6 statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 0.453/0.497/0.540/0.043 ms

If I try the broker gateway:

router# ping6 2001:618:4:2000::ddd
PING6(56=40+8+8 bytes) 2001:618:4:2000::dde --> 2001:618:4:2000::ddd
ping6: sendmsg: No route to host
ping6: wrote 2001:618:4:2000::ddd 16 chars, ret=-1
ping6: sendmsg: No route to host
ping6: wrote 2001:618:4:2000::ddd 16 chars, ret=-1

I try to look in the routing table:

$ netstat -r | more
Internet6:
Destination Gateway Flags Netif Expire
:: localhost.kumprang UGRSc lo0 =>
default gif1635.tunnels.ip UGSc gif0
localhost.kumprang localhost.kumprang UH lo0
::ffff:0.0.0.0 localhost.kumprang UGRSc lo0
gif1635.tunnels.ip UH gif0
link#6 UHL lo0
fe80:: localhost.kumprang UGRSc lo0
fe80::%xl0 link#1 UC xl0
fe80::260:97ff:fed 00:60:97:dc:f0:2e UHL lo0
fe80::%lo0 fe80::1%lo0 Uc lo0
fe80::1%lo0 link#3 UHL lo0
fe80::%wi0 link#5 UC wi0
fe80::202:2dff:fe2 00:02:2d:2d:22:8b UHL lo0
fe80::%gif0 link#6 UC gif0
fe80::260:97ff:fed link#6 UHL lo0
ff01:: localhost.kumprang U lo0
ff02:: localhost.kumprang UGRS lo0
ff02::%xl0 link#1 UC xl0
ff02::%lo0 localhost.kumprang UC lo0
ff02::%wi0 link#5 UC wi0
ff02::%gif0 link#6 UC gif0

I can't understand why this happens, so finally I am asking this mailing
list because google.com cannot help me. Would you explain this?

Thank you in advance.

-- 
budsz

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message