From owner-freebsd-questions Thu Aug 22 7:32:21 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 85FC637B400 for ; Thu, 22 Aug 2002 07:32:17 -0700 (PDT) Received: from mail.seekingfire.com (coyote.seekingfire.com [24.72.10.212]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0BF4943E72 for ; Thu, 22 Aug 2002 07:32:17 -0700 (PDT) (envelope-from tillman@seekingfire.com) Received: from blues.seekingfire.prv (blues.seekingfire.prv [192.168.23.211]) by mail.seekingfire.com (Postfix) with ESMTP id 6B3B6185 for ; Thu, 22 Aug 2002 08:32:16 -0600 (CST) Received: (from tillman@localhost) by blues.seekingfire.prv (8.11.6/8.11.6) id g7MEWO814049 for freebsd-questions@freebsd.org; Thu, 22 Aug 2002 08:32:24 -0600 Date: Thu, 22 Aug 2002 08:32:24 -0600 From: Tillman Hodgson To: FreeBSD-Questions Subject: gif tunnel routing Message-ID: <20020822083224.A14044@seekingfire.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i X-Urban-Legend: There is lots of hidden information in headers Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Howdy, I've set up an IP-IP tunnel between two hosts on my internal network, Coyote and Athena, and there is apparantly a routing problem between them (as reported by "sendto: No route to host"). Here's what it looks like from host Coyote: [root@coyote root]# ifconfig -a (snipped for brevity) rl0: flags=8843 mtu 1500 inet 192.168.23.2 netmask 0xffffff00 broadcast 192.168.23.255 inet6 fe80::250:bfff:fee1:f433%rl0 prefixlen 64 scopeid 0x1 ether 00:50:bf:e1:f4:33 media: Ethernet autoselect (100baseTX ) status: active lo0: flags=8049 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 inet 127.0.0.1 netmask 0xff000000 inet 192.168.168.1 netmask 0xfffffffc gif1: flags=8051 mtu 1280 tunnel inet 192.168.23.2 --> 192.168.23.3 inet6 fe80::250:bfff:fee1:f433%gif1 prefixlen 64 scopeid 0x8 inet 192.168.168.1 --> 192.168.168.2 netmask 0xfffffffc Interface gif1 is the 'fake' interface for the tunnel. I'm terminating on an alias on lo0. I want to be able to ping Athena's alias on lo0 over the tunnel, but I get this: [root@coyote root]# ping 192.168.168.2 PING 192.168.168.2 (192.168.168.2): 56 data bytes ping: sendto: No route to host That seems odd, because there's a specific host entry for 192.168.168.2 that ifconfig automatically adds: [root@coyote root]# netstat -r -n -f inet (snipped for brevity) Destination Gateway Flags Refs Use Netif Expire 127.0.0.1 127.0.0.1 UH 0 10710 lo0 192.168.23 link#1 UC 2 0 rl0 192.168.23.3 00:10:4b:69:2a:86 UHLW 17 898478 rl0 1086 192.168.23.211 00:50:da:16:c0:6b UHLW 1 339 rl0 263 192.168.168.1 192.168.168.1 UH 0 2 lo0 192.168.168.2 192.168.168.1 UH 0 6 gif1 I've modelled the tunnel setup off of the first sections of Greg Panula's _IPSec VPN Using FreeBSD on sans.org. None of the documents I've googled for today mention the need to add any extra routing ... I suspect I'm missing some obvious steps. Can someone assist me with this? TIA, - Tillman -- If you can spend a perfectly useless afternoon in a perfectly useless manner, you have learned how to live. Lin Yu-T'ang To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message