From owner-freebsd-net@FreeBSD.ORG Thu Dec 24 15:05:21 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F409C10656A6 for ; Thu, 24 Dec 2009 15:05:20 +0000 (UTC) (envelope-from cjeker@diehard.n-r-g.com) Received: from diehard.n-r-g.com (diehard.n-r-g.com [62.48.3.9]) by mx1.freebsd.org (Postfix) with ESMTP id 1F0338FC08 for ; Thu, 24 Dec 2009 15:05:19 +0000 (UTC) Received: (qmail 2796 invoked by uid 1001); 24 Dec 2009 15:05:18 -0000 Date: Thu, 24 Dec 2009 16:05:18 +0100 From: Claudio Jeker To: freebsd-net@freebsd.org Message-ID: <20091224150518.GA21386@diehard.n-r-g.com> Mail-Followup-To: Claudio Jeker , freebsd-net@freebsd.org References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) Subject: Re: Routing question (GRE packet vs normal traceroute)? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Dec 2009 15:05:21 -0000 On Thu, Dec 24, 2009 at 12:38:07AM -0800, Xin LI wrote: > Hi, > > A friend of mine has encountered some problem in his setup which > consists a pair of GRE peer, one running on OpenBSD and another > running FreeBSD 7.2-RELEASE; with 7.2-STABLE, there is no improvement > over the situation. The problem we have observed seems to be related > to GRE packet not being routed as observed, here is some details: > > - The FreeBSD box has one network interface connected to two (2) > upstream network, with different IP and does not belong to the same > subnet, say, one is 1.2.3.4/24 and another is 5.6.7.8/24 > - The default gateway can be reached through the first IP address > bound to the network interface; > - An explicit route has been configured to the OpenBSD host, the > gateway being used can be reached directly via the secondary (aliased > 5.6.7.8/24) IP. > - Both the default gateway and the explicit host route can reach the > OpenBSD route. > > The problem they had is, while traceroute to the OpenBSD host can give > the desired result, however, packets that is supposed to be > transferred through the GRE tunnel, while they will be encapsulated > into a GRE packet, the GRE packet itself won't go to the explicit host > route, but end up going to the default gateway. > > The friend has configured his switch to "bounce" the packet back to > the server by configuring a host route on L3 switch, and it seems that > the FreeBSD box is able to route the GRE packet to its desired gateway > this time. > > Any suggestions? > gre(4) is caching the route to the destination on creation time (when the ifconfig greX tunnel src_addr dest_addr command is issued). So you need to create the host route to the openbsd box before configuring the gre tunnel. It should be possible to reconfigure the tunnel-endpoints which should redo the route lookup resulting in a correct routing. -- :wq Claudio