From: Bob Kersten
Date: Fri, 27 Jan 2006 14:25:35 +0100
To: Fabian Keil
Cc: freebsd-questions@freebsd.org
Subject: Re: VPN / Bridge

Hi,

On 25-jan-2006, at 11:57, Fabian Keil wrote:

> root@TP51 ~ #ifconfig gif0 tunnel 1.2.3.4 5.6.7.8 up
> root@TP51 ~ #ifconfig bridge0 create
> root@TP51 ~ #ifconfig bridge0 addm ndis0 addm gif0 up
> root@TP51 ~ #ifconfig bridge0
> bridge0: flags=8043 mtu 1500
>         ether ac:de:48:f4:4e:9c
>         priority 32768 hellotime 2 fwddelay 15 maxage 20
>         member: gif0 flags=3
>         member: ndis0 flags=3
>
> BTW: man if_config says all members of the bridge are required to
> have the same MTU, but ifconfig doesn't seem to check it.
> My setup wouldn't work as gif0 has a MTU of 1280.

Gjee ... I'm still not able to add the gif0 device to my bridge0. I'm
using FreeBSD 6.0 and I've fixed the mtu on my gif0 device to be 1500.
These are the steps that I take:

[/] root@spike> ifconfig gif0 create
[/] root@spike> ifconfig gif0 tunnel 1.2.3.4 5.6.7.8 mtu 1500 up
[/] root@spike> ifconfig bridge0 create
[/] root@spike> ifconfig bridge0 addm fxp0
[/] root@spike> ifconfig bridge0 addm gif0
ifconfig: BRDGADD gif0: Invalid argument
[/] root@spike> ifconfig
fxp0: flags=8943 mtu 1500
        options=8
        inet6 fe80::202:a5ff:fe26:6e45%fxp0 prefixlen 64 scopeid 0x1
        inet 192.168.100.101 netmask 0xffffff00 broadcast 192.168.100.255
        ether 00:02:a5:26:6e:45
        media: Ethernet autoselect (100baseTX )
        status: active
rl0: flags=8843 mtu 1500
        options=8
        inet6 fe80::2e0:xxxx:xxxx:xxxx%rl0 prefixlen 64 scopeid 0x2
        inet 1.2.3.4 netmask 0xfffffe00 broadcast 83.160.3.255
        ether 00:e0:4c:a2:b5:f6
        media: Ethernet autoselect (100baseTX )
        status: active
lo0: flags=8049 mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
gif0: flags=8051 mtu 1500
        tunnel inet 1.2.3.4 --> 5.6.7.8
        inet6 fe80::202:a5ff:xxxx:xxxx%gif0 prefixlen 64 scopeid 0x4
bridge0: flags=8000 mtu 1500
        ether ac:de:48:ee:6a:cf
        priority 32768 hellotime 2 fwddelay 15 maxage 20
        member: fxp0 flags=3

The 'fake' ip addresses don't matter, it doesn't work with real
addresses either. It seems as if gif0 is not accepted as 'real'
ethernet device when trying to add it to the bridge.

Maybe this isn't the right way to achieve the VPN with all clients in
the same subnet. Maybe there's a different solution necessary, or I'm
doing something wrong, I don't know. Maybe someone could shed some
light on this?

Cheers,
Bob.
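
The quoted note in this message says bridge members must share one MTU but that ifconfig does not check it. As an added example (not part of the original message), the shell function below does that check over ifconfig output; the names mtu_mismatch and sample_ifconfig and the sample text are constructed here, modelled on the quoted setup with gif0 at MTU 1280.

```shell
#!/bin/sh
# Added example: report bridge members whose MTU differs from the bridge's.

# mtu_mismatch BRIDGE
#   Reads ifconfig-style text on stdin and prints "member mtu" for every
#   member of BRIDGE whose MTU differs from the bridge's own MTU.
#   Exit status: 0 = all equal, 1 = mismatch found, 2 = bridge not in input.
mtu_mismatch() {
    awk -v br="$1" '
        # Interface header line, e.g. "gif0: flags=8051 mtu 1280"
        /^[a-z]+[0-9]+: / {
            cur = $1; sub(/:$/, "", cur)
            for (i = 2; i < NF; i++) if ($i == "mtu") mtu[cur] = $(i + 1)
            next
        }
        # Member line inside the bridge stanza, e.g. "member: gif0 flags=3"
        cur == br && $1 == "member:" { members[++n] = $2 }
        END {
            if (!(br in mtu)) exit 2
            for (j = 1; j <= n; j++) {
                m = members[j]
                v = (m in mtu) ? mtu[m] : "unknown"
                if (v != mtu[br]) { print m, v; bad = 1 }
            }
            exit (bad ? 1 : 0)
        }'
}

# Constructed sample input (not captured from a real host).
sample_ifconfig() {
    cat <<'EOF'
ndis0: flags=8843 mtu 1500
        ether 00:00:5e:00:53:01
gif0: flags=8051 mtu 1280
        tunnel inet 1.2.3.4 --> 5.6.7.8
bridge0: flags=8043 mtu 1500
        ether ac:de:48:f4:4e:9c
        member: gif0 flags=3
        member: ndis0 flags=3
EOF
}

# Demo run on the sample; on a live host use: ifconfig | mtu_mismatch bridge0
sample_ifconfig | mtu_mismatch bridge0 || echo "MTU mismatch on bridge0"
```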