Date: Tue, 11 Jun 2002 16:40:01 -0700 From: Lars Eggert <larse@ISI.EDU> To: John Nielsen <hackers@jnielsen.net> Cc: hackers@FreeBSD.ORG Subject: Re: gif(4) tunnel through MSN DSL modem Message-ID: <3D068A51.1060302@isi.edu> References: <015301c2117d$0db539c0$0900a8c0@max> <3D06761F.7000904@isi.edu> <01c601c2119f$e3e9ae50$0900a8c0@max>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
John Nielsen wrote:
>>># "Public" interface -- 192.168.1.2 netmask 255.255.255.252"
>>>ifconfig_ed0="DHCP"
>>>gif_interfaces="gif0"
>>>gifconfig_gif0="DSL.public.ip myend.public.ip"
>>>ifconfig_gif0="192.168.6.1 192.168.0.1"
>>>static_routes="john"
>>>route_john="-net 192.168.0 -interface gif0"
>>
>>The problem (one part, at least) is that you use the same IP address
>>(192.168.6.1) on your xl0 and gif0 interfaces (on both ends). You'll
>>want the tunnel addresses to be in a different subnet.
>
> I have another tunnel set up this way and it works fine. Why should the
> tunnel addresses be on a different subnet?
Because your routing table will have an entry that says "to reach net X
use gateway Y", and there will appear to be multiple ways to reach
gateway Y if you have multiple addresses attached to the same subnet.
Also, assigning the same IP address to multiple interfaces is usually a
bad idea. (It is useful in some setups, but this ain't one.) Add
encapsulation, and you've a fine example of black hole due to infinite
encapsulation.
>>Also, the netmask in the infconfig_xl0 line doesn't match the comment,
>>which one is wrong?
>
> The public interface (ed0) always gets the same address from the DSL modem,
> even though it's using DHCP. I think you associated the comment with the
> wrong ifconfig line (I've added a break between them to clarify).
Oh, you're right, sorry. But then you're assigning the same IP address
to THREE interfaces!
> I'm starting to think that it would be easier to use ppp/tun and ssh rather
> than gif in this instance, even though I'm less familiar with that
> arrangement.
I'm willing to bet a beer that these problems will dissappear if you
pick different subnets and IP addresses for your interfaces. This is a
pretty straightforward setup.
Lars
--
Lars Eggert <larse@isi.edu> USC Information Sciences Institute
[-- Attachment #2 --]
0 *H
01
0 +�0 *H
��00
G0
*H
�01
0 UZA10U
Western Cape10U Cape Town10
U
Thawte1
0U
Certificate Services1(0&U Personal Freemail RSA 2000.8.300
010824164000Z
020824164000Z0T10
UEggert1
0
U*Lars10U
Lars Eggert1
0 *H
larse@isi.edu00
*H
��0�
|\Pw v~~
FDooӦA\- Cˀ4.)&{肋
,z
(ܷر߈T7_'txGH^tt/ҹB8%t<#ֲN�V0T0*+e!0 �00L2uMyffBNUbNJJcdZ2s0U
0
larse@isi.edu0
U
0�0
*H
��aJPMՒ�]cѭC+kS+wZ1gY",YT41
j
6:~℩
D~Kؚl=u(ՎM?cF7@}T00
G0
*H
�01
0 UZA10U
Western Cape10U Cape Town10
U
Thawte1
0U
Certificate Services1(0&U Personal Freemail RSA 2000.8.300
010824164000Z
020824164000Z0T10
UEggert1
0
U*Lars10U
Lars Eggert1
0 *H
larse@isi.edu00
*H
��0�
|\Pw v~~
FDooӦA\- Cˀ4.)&{肋
,z
(ܷر߈T7_'txGH^tt/ҹB8%t<#ֲN�V0T0*+e!0 �00L2uMyffBNUbNJJcdZ2s0U
0
larse@isi.edu0
U
0�0
*H
��aJPMՒ�]cѭC+kS+wZ1gY",YT41
j
6:~℩
D~Kؚl=u(ՎM?cF7@}T080fErtcvE.0
*H
�01
0 UZA10U
Western Cape10U Cape Town10U
Thawte Consulting1(0&U
Certification Services Division1$0"UThawte Personal Freemail CA1+0) *H
personal-freemail@thawte.com0
000830000000Z
040827235959Z01
0 UZA10U
Western Cape10U Cape Town10
U
Thawte1
0U
Certificate Services1(0&U Personal Freemail RSA 2000.8.3000
*H
��0�32c %E>nx'gڈD)c5*mp<ܮto034qmOe
KaU5u'rװ
|CBPQ<9TIf�- ki�N0L0)U
"0
0
10UPrivateLabel1-2970U
0�0
U
0
*H
��1KG]qSl]y=&b""I'{9$
*8PUl
LGl
X1B li+@]jy.%݊
Z<D&iHΥbb10001
0 UZA10U
Western Cape10U Cape Town10
U
Thawte1
0U
Certificate Services1(0&U Personal Freemail RSA 2000.8.30G0 +�a0 *H
1
*H
0
*H
1
020611234002Z0# *H
1_ITkl38&0R *H
1E0C0
*H
0*H
�0
*H
@0+0
*H
(0
*H
101
0 UZA10U
Western Cape10U Cape Town10
U
Thawte1
0U
Certificate Services1(0&U Personal Freemail RSA 2000.8.30G0
*H
�m>+ГgG6#%l]ܙCr-Qѭ
eRi='!u
bkB7|"i;[D-njiar7\%qPrpnbgjz|
s
O�������
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D068A51.1060302>