Date:      Wed, 31 Dec 2003 15:20:57 -0600 (CST)
From:      "Eric Anderson" <anderson@centtech.com>
To:        "axiom" <axiom@VectorNS.com>
Cc:        doc@freebsd.org
Subject:   Re: VPN over IPsec
Message-ID:  <1811.10.177.173.77.1072905657.squirrel@otter.centtech.com>
In-Reply-To: <20031231205854.3560.qmail@vectorns.com>
References:  <20031231205854.3560.qmail@vectorns.com>

axiom said:
> I have a question regarding the document that talks about "VPN over
> IPsec".
> I'm trying to create the interface gif0 at boot time and am adding the
> following to my /etc/rc.conf according to your document:
>
> gifconfig_gif0="A.B.C.D W.X.Y.Z"
> ifconfig_gif0="inet 192.168.1.1 192.168.2.1 netmask 0xffffffff"
> static_routes="vpn"
> route_vpn="192.168.2.0 192.168.2.1 netmask 0xffffff00"
>
> I've obviously changed the IP address schemes to fit my network.
>
> Using this same documentation on "VPN over IPsec" I can set up the gif0
> interface manually with no problems and everything works. I just don't
> want to have to set it up manually every time I reboot.
>
> Any suggestions on why the setup to /etc/rc.conf from your documentation
> doesn't work?

You've really answered your own question in the next paragraph. 
Basically, the device doesn't exist yet, so it can't run these settings on
an interface that does not exist.  It must first be created.

>
> ******************************************************************
>
> One other thing I'd like to point out on that document is that when you
> tell the user to run "gifconfig gif0 A.B.C.D W.X.Y.Z" it doesn't work. You
> must first create gif0 with "ifconfig gif0 create" and then continue with
> your documentation.

The documentation should be updated to reflect this.  This is the old way
of doing it, when gif interfaces were set in-kernel.  This changed
somewhere around FreeBSD 4.4ish I believe.

Does anyone know the correct way to create an interface on system boot,
before network is started?  Or is this a piece for a /usr/local/etc/rc.d/
script?

Eric


-------------------------------------------------------------
Eric Anderson    anderson@centtech.com    Centaur Technology
You have my continuous partial attention
-------------------------------------------------------------
