Date:      Mon, 27 Jan 2003 21:03:22 +0700
From:      budsz <budsz@kumprang.or.id>
To:        freebsd-stable@FreeBSD.ORG
Subject:   Tunnel
Message-ID:  <20030127140322.GA52281@kumprang.or.id>

Hi,

I've tried a tunnel on a FreeBSD STABLE box; I started with this URL:
http://www.ezunix.org/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=5&page=1

I have two interfaces in that machine, 'wi0' and 'xl0'; wi0 links to my ISP
and xl0 links to my local net. My ifconfig output looks like:

router# ifconfig -a
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 202.143.103.229 netmask 0xfffffff0 broadcast 202.143.103.239
        inet6 fe80::260:97ff:fedc:f02e%xl0 prefixlen 64 scopeid 0x1
        inet 202.143.103.225 netmask 0xffffffff broadcast 202.143.103.225
        ether 00:60:97:dc:f0:2e
        media: Ethernet autoselect (10baseT/UTP)
        status: active
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
wi0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 202.143.98.250 netmask 0xfffffffc broadcast 202.143.98.251
        inet6 fe80::202:2dff:fe2d:228b%wi0 prefixlen 64 scopeid 0x5
        ether 00:02:2d:2d:22:8b
        media: IEEE 802.11 Wireless Ethernet autoselect (DS/11Mbps)
        status: associated
        ssid terasnet-09 1:terasnet-09
        stationname kumprang
        channel 2 authmode OPEN powersavemode OFF powersavesleep 100
        wepmode MIXED weptxkey 1
        wepkey 1:64-bit
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        tunnel inet 202.143.103.229 --> 213.253.1.201
        inet6 2001:618:4:2000::dde --> 2001:618:4:2000::ddd prefixlen 128
        inet6 fe80::260:97ff:fedc:f02e%gif0 prefixlen 64 scopeid 0x6

I used ipng.org.uk as the tunnel broker, so this is /etc/tunnel.conf:

# Account details
username=user
password=XXXXX

#host and port of tunnel server (5571 non ssl, 5572 ssl)
hostname=ipng.org.uk
port=5572

#interface containing the tunnel endpoint ip and the tunnel interface name
local_interface=xl0
tunnel_interface=gif0

#remote tunnel ipv4 endpoint and tunnel ipv6 endpoints
#local_ip=<youip> - Only use this if you have a static address!
local_ip=202.143.103.229
remote_ip=213.253.1.201
local_endpoint=2001:618:4:2000::dde
remote_endpoint=2001:618:4:2000::ddd

I have the tunnel on the inside interface xl0 (202.143.103.229), and I run
tunnelc like this:

router# ifconfig gif0 destroy
router# tunnelc
WARNING: Unable to verify Server Certificate
210 - OK TLS Session Established. DES-CBC3-SHA
200 - Tunnel Server 0.2.1 waiting.
201 - OK Now a password if you please.
202 - OK Password accepted. Welcome budsz
203 - OK Ip updated to 202.143.103.229
210 - OK If you insist. Bye.
add net default: gateway 2001:618:4:2000::ddd
Tunnel(gif0) created

For ipf.rules and ipf6.rules:

router# cat /etc/ipf.rules
pass in all
pass out all

router# cat /etc/ipf6.rules
pass in all
pass out all

So, I try to ping xl0:
router# ping6 2001:618:4:2000::dde
PING6(56=40+8+8 bytes) 2001:618:4:2000::dde --> 2001:618:4:2000::dde
16 bytes from 2001:618:4:2000::dde, icmp_seq=0 hlim=64 time=0.54 ms
16 bytes from 2001:618:4:2000::dde, icmp_seq=1 hlim=64 time=0.453 ms
^C
--- 2001:618:4:2000::dde ping6 statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 0.453/0.497/0.540/0.043 ms

If I try the broker gateway:

router# ping6 2001:618:4:2000::ddd
PING6(56=40+8+8 bytes) 2001:618:4:2000::dde --> 2001:618:4:2000::ddd
ping6: sendmsg: No route to host
ping6: wrote 2001:618:4:2000::ddd 16 chars, ret=-1
ping6: sendmsg: No route to host
ping6: wrote 2001:618:4:2000::ddd 16 chars, ret=-1

I try to look in the routing table:

$ netstat -r | more

Internet6:
Destination        Gateway            Flags      Netif Expire
::                 localhost.kumprang UGRSc       lo0 =>
default            gif1635.tunnels.ip UGSc       gif0
localhost.kumprang localhost.kumprang UH          lo0
::ffff:0.0.0.0     localhost.kumprang UGRSc       lo0
gif1635.tunnels.ip                    UH         gif0
                   link#6             UHL         lo0
fe80::             localhost.kumprang UGRSc       lo0
fe80::%xl0         link#1             UC          xl0
fe80::260:97ff:fed 00:60:97:dc:f0:2e  UHL         lo0
fe80::%lo0         fe80::1%lo0        Uc          lo0
fe80::1%lo0        link#3             UHL         lo0
fe80::%wi0         link#5             UC          wi0
fe80::202:2dff:fe2 00:02:2d:2d:22:8b  UHL         lo0
fe80::%gif0        link#6             UC         gif0
fe80::260:97ff:fed link#6             UHL         lo0
ff01::             localhost.kumprang U           lo0
ff02::             localhost.kumprang UGRS        lo0
ff02::%xl0         link#1             UC          xl0
ff02::%lo0         localhost.kumprang UC          lo0
ff02::%wi0         link#5             UC          wi0
ff02::%gif0        link#6             UC         gif0

I can't understand why this happens, so finally I am asking this mailing list
because google.com cannot help me. Would you please explain this?


Thank you in advance.


-- 
budsz
