From owner-freebsd-net@FreeBSD.ORG Thu Feb 4 13:13:57 2010 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 15AFE106568B for ; Thu, 4 Feb 2010 13:13:57 +0000 (UTC) (envelope-from brett@lariat.net) Received: from lariat.net (lariat.net [66.119.58.2]) by mx1.freebsd.org (Postfix) with ESMTP id A0E388FC0C for ; Thu, 4 Feb 2010 13:13:56 +0000 (UTC) Received: from anne-o1dpaayth1.lariat.net (IDENT:ppp1000.lariat.net@lariat.net [66.119.58.2]) by lariat.net (8.9.3/8.9.3) with ESMTP id GAA20658; Thu, 4 Feb 2010 06:13:50 -0700 (MST) Message-Id: <201002041313.GAA20658@lariat.net> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Thu, 04 Feb 2010 06:13:43 -0700 To: "Li, Qing" , From: Brett Glass In-Reply-To: References: <201002030134.SAA28719@lariat.net> <201002030456.VAA00664@lariat.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Cc: Subject: RE: Routing problems on VPN servers running FreeBSD 8.0-RELEASE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Feb 2010 13:13:57 -0000 At 02:35 AM 2/3/2010, Li, Qing wrote: >Proxy ARP entries are not installed into the routing table. Not since the ARP table and the routing table have been split. However, the addresses for which the machine is doing proxy ARP do need to show up there, and they do not. >I believe I have fixed this issue in svn r201282 and merged >into 8-STABLE > >http://svn.freebsd.org/viewvc/base?view=revision&revision=201282 > >http://svn.freebsd.org/viewvc/base?view=revision&revision=201614 Is there a way to get patches to run against 8.0-RELEASE? If I do not install -RELEASE on a machine, I can't use freebsd-update to maintain it. >The keyword "only", as documented in the manpage, requires a >host route to be present or else the proxy arp command will fail. The entry is not being set up from the command line but by a PPP program (mpd or ppp(8)). >(b) the PPP >daemon can't create or destroy many of the routes that the >connections need to work. > >The above patch also include fixes for routing related problem as >you will note in the commit message, although I am uncertain if >your problems fall into this category. I do not know. What I do know is that all PPP implementations I've tried -- including Somers ppp(8) and mpd 5.3 -- are failing to set up the host routes for the PPP endpoints and also the loopback routes for the pseudo-interfaces (ng or tun). >Various users reported problems in the vpn/ppp area and those >were addressed before the release. Some of these actually worsened after the release. When the test machine was updated recently using freebsd-update, we began to get even more problems and error messages. In any event, to put -STABLE on the machine would require either downloading a snapshot or wiping out a lot of work or setting up CVS on machines that won't need it in production, so please let me know if patches are available that will add the recent fixes to 8.0-RELEASE. --Brett Glass