From owner-freebsd-stable Mon Jan 27 6: 0:47 2003 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E1E4037B401 for ; Mon, 27 Jan 2003 06:00:43 -0800 (PST) Received: from kumprang.or.id (www.kumprang.or.id [202.143.103.227]) by mx1.FreeBSD.org (Postfix) with SMTP id 32C0D43E4A for ; Mon, 27 Jan 2003 06:00:27 -0800 (PST) (envelope-from budsz@kumprang.or.id) Received: (qmail 53807 invoked by uid 1008); 27 Jan 2003 14:03:24 -0000 Date: Mon, 27 Jan 2003 21:03:22 +0700 From: budsz To: freebsd-stable@FreeBSD.ORG Subject: Tunnel Message-ID: <20030127140322.GA52281@kumprang.or.id> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-URL: "http://www.kumprang.or.id/~budsz/" X-Pubkey: "http://www.kumprang.or.id/~budsz/pubkey.txt" X-Pubkey-MD5: "http://www.kumprang.or.id/~budsz/pubkey-checksum.md5" X-Finger-Print: "A05A 268C 3CD4 ABBD D9EB 11E1 F64C 4B4E 6269 5304" X-Organization: "Internet Cafe and Game PC Kumprang" User-Agent: Mutt/1.5.3i X-Virus-Scanned: by AMaViS perl-11 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, I've tried some tunnel in FreeBSD STABLE box, I started with this URL : http://www.ezunix.org/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=5&page=1 I've two interface in that machine 'wi0' and 'xl0', wi0 link to my IPS and xl0 link for my local net. My ifconfig output look like: router# ifconfig -a xl0: flags=8843 mtu 1500 inet 202.143.103.229 netmask 0xfffffff0 broadcast 202.143.103.239 inet6 fe80::260:97ff:fedc:f02e%xl0 prefixlen 64 scopeid 0x1 inet 202.143.103.225 netmask 0xffffffff broadcast 202.143.103.225 ether 00:60:97:dc:f0:2e media: Ethernet autoselect (10baseT/UTP) status: active lp0: flags=8810 mtu 1500 lo0: flags=8049 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 faith0: flags=8002 mtu 1500 wi0: flags=8843 mtu 1500 inet 202.143.98.250 netmask 0xfffffffc broadcast 202.143.98.251 inet6 fe80::202:2dff:fe2d:228b%wi0 prefixlen 64 scopeid 0x5 ether 00:02:2d:2d:22:8b media: IEEE 802.11 Wireless Ethernet autoselect (DS/11Mbps) status: associated ssid terasnet-09 1:terasnet-09 stationname kumprang channel 2 authmode OPEN powersavemode OFF powersavesleep 100 wepmode MIXED weptxkey 1 wepkey 1:64-bit gif0: flags=8051 mtu 1280 tunnel inet 202.143.103.229 --> 213.253.1.201 inet6 2001:618:4:2000::dde --> 2001:618:4:2000::ddd prefixlen 128 inet6 fe80::260:97ff:fedc:f02e%gif0 prefixlen 64 scopeid 0x6 I used ipng.org.uk for broke tunnel, so this /etc/tunnel.conf # Account details username=user password=XXXXX #host and port of tunnel server (5571 non ssl, 5572 ssl) hostname=ipng.org.uk port=5572 #interface containing the tunnel endpoint ip and the tunnel interface name local_interface=xl0 tunnel_interface=gif0 #remote tunnel ipv4 endpoint and tunnel ipv6 endpoints #local_ip= - Only use this if you have a static address! local_ip=202.143.103.229 remote_ip=213.253.1.201 local_endpoint=2001:618:4:2000::dde remote_endpoint=2001:618:4:2000::ddd I've tunnel in inside interface xl0 (202.143.103.229). and I run a tunnelc like: router# ifconfig gif0 destroy router# tunnelc WARNING: Unable to verify Server Certificate 210 - OK TLS Session Established. DES-CBC3-SHA 200 - Tunnel Server 0.2.1 waiting. 201 - OK Now a password if you please. 202 - OK Password accepted. Welcome budsz 203 - OK Ip updated to 202.143.103.229 210 - OK If you insist. Bye. add net default: gateway 2001:618:4:2000::ddd Tunnel(gif0) created For ipf.rules and ipf6.rules: router# cat /etc/ipf.rules pass in all pass out all router# cat /etc/ipf6.rules pass in all pass out all So, I try to ping to xl0: router# ping6 2001:618:4:2000::dde PING6(56=40+8+8 bytes) 2001:618:4:2000::dde --> 2001:618:4:2000::dde 16 bytes from 2001:618:4:2000::dde, icmp_seq=0 hlim=64 time=0.54 ms 16 bytes from 2001:618:4:2000::dde, icmp_seq=1 hlim=64 time=0.453 ms ^C --- 2001:618:4:2000::dde ping6 statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.453/0.497/0.540/0.043 ms If I try to broke gateway: router# ping6 2001:618:4:2000::ddd PING6(56=40+8+8 bytes) 2001:618:4:2000::dde --> 2001:618:4:2000::ddd ping6: sendmsg: No route to host ping6: wrote 2001:618:4:2000::ddd 16 chars, ret=-1 ping6: sendmsg: No route to host ping6: wrote 2001:618:4:2000::ddd 16 chars, ret=-1 I try to find in routing table: $ netstat -r | more Internet6: Destination Gateway Flags Netif Expire :: localhost.kumprang UGRSc lo0 => default gif1635.tunnels.ip UGSc gif0 localhost.kumprang localhost.kumprang UH lo0 ::ffff:0.0.0.0 localhost.kumprang UGRSc lo0 gif1635.tunnels.ip UH gif0 link#6 UHL lo0 fe80:: localhost.kumprang UGRSc lo0 fe80::%xl0 link#1 UC xl0 fe80::260:97ff:fed 00:60:97:dc:f0:2e UHL lo0 fe80::%lo0 fe80::1%lo0 Uc lo0 fe80::1%lo0 link#3 UHL lo0 fe80::%wi0 link#5 UC wi0 fe80::202:2dff:fe2 00:02:2d:2d:22:8b UHL lo0 fe80::%gif0 link#6 UC gif0 fe80::260:97ff:fed link#6 UHL lo0 ff01:: localhost.kumprang U lo0 ff02:: localhost.kumprang UGRS lo0 ff02::%xl0 link#1 UC xl0 ff02::%lo0 localhost.kumprang UC lo0 ff02::%wi0 link#5 UC wi0 ff02::%gif0 link#6 UC gif0 I can't understand why it's happen, so finally I ask to this malinglist because google.com can not help me. would you like explain this? Thank You for advance. -- budsz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message