Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 22 Aug 2002 08:32:24 -0600
From:      Tillman Hodgson <tillman@seekingfire.com>
To:        FreeBSD-Questions <freebsd-questions@freebsd.org>
Subject:   gif tunnel routing
Message-ID:  <20020822083224.A14044@seekingfire.com>
next in thread | raw e-mail | index | archive | help 
Howdy,

I've set up an IP-IP tunnel between two hosts on my internal network,
Coyote and Athena, and there is apparantly a routing problem between
them (as reported by "sendto: No route to host"). Here's what it looks
like from host Coyote:

[root@coyote root]# ifconfig -a     (snipped for brevity)
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.23.2 netmask 0xffffff00 broadcast 192.168.23.255
        inet6 fe80::250:bfff:fee1:f433%rl0 prefixlen 64 scopeid 0x1
        ether 00:50:bf:e1:f4:33
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
        inet 127.0.0.1 netmask 0xff000000
        inet 192.168.168.1 netmask 0xfffffffc
gif1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        tunnel inet 192.168.23.2 --> 192.168.23.3
        inet6 fe80::250:bfff:fee1:f433%gif1 prefixlen 64 scopeid 0x8
        inet 192.168.168.1 --> 192.168.168.2 netmask 0xfffffffc

Interface gif1 is the 'fake' interface for the tunnel. I'm terminating
on an alias on lo0. I want to be able to ping Athena's alias on lo0 over
the tunnel, but I get this:

[root@coyote root]# ping 192.168.168.2
PING 192.168.168.2 (192.168.168.2): 56 data bytes
ping: sendto: No route to host

That seems odd, because there's a specific host entry for 192.168.168.2
that ifconfig automatically adds:

[root@coyote root]# netstat -r -n -f inet     (snipped for brevity)
Destination        Gateway            Flags    Refs      Use  Netif Expire
127.0.0.1          127.0.0.1          UH          0    10710    lo0
192.168.23         link#1             UC          2        0    rl0
192.168.23.3       00:10:4b:69:2a:86  UHLW       17   898478    rl0   1086
192.168.23.211     00:50:da:16:c0:6b  UHLW        1      339    rl0    263
192.168.168.1      192.168.168.1      UH          0        2    lo0
192.168.168.2      192.168.168.1      UH          0        6   gif1

I've modelled the tunnel setup off of the first sections of Greg
Panula's _IPSec VPN Using FreeBSD on sans.org. None of the documents
I've googled for today mention the need to add any extra routing ... I
suspect I'm missing some obvious steps. Can someone assist me with this?

TIA,

- Tillman

-- 
If you can spend a perfectly useless afternoon in a perfectly useless manner,
you have learned how to live.
	Lin Yu-T'ang

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020822083224.A14044>