Date: Tue, 25 Jan 2005 17:26:18 +0100 From: Alex <ach@meta-x.org> To: Jeremie Le Hen <jeremie@le-hen.org> Cc: freebsd-net@freebsd.org Subject: Re: gif(4) and bpf(4) Message-ID: <D77B2F04-6EED-11D9-A13F-000D936E5C28@meta-x.org> In-Reply-To: <20050125160837.GG59685@obiwan.tataz.chchile.org> References: <20050124212011.GC59685@obiwan.tataz.chchile.org> <20050125011615.GB47638@dhcp120.icir.org> <20050125143327.GD59685@obiwan.tataz.chchile.org> <20050125144153.GJ47638@dhcp120.icir.org> <20050125150255.GE59685@obiwan.tataz.chchile.org> <20050125152209.GK47638@dhcp120.icir.org> <20050125160837.GG59685@obiwan.tataz.chchile.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Since we see ESP traffic directly on the ep0 interface, packets are not going through gif0 as stated in the routing table. IPsec SPD is overriding the routing table, can you check (provide us) with setkey -DP and setkey -D if no SPD is present from your net to 192.168.4.0/24 ? Regards, Alex. > Yes they are (network on the other side of the tunnel is > 192.168.4.0/24) : > %%% > yoda:tools# netstat -rnf inet > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif > Expire > default <hidden gw> UGSc 24 17513460 ep0 > [...] > 192.168.4 192.168.4.13 UGSc 0 691911 gif0 > 192.168.4.13 192.168.1.1 UH 3 6949 gif0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D77B2F04-6EED-11D9-A13F-000D936E5C28>