From: Benjamin Close
Date: Mon, 20 Aug 2007 16:56:50 +0930
To: freebsd-questions@freebsd.org
Subject: IPv4 over IPV4 on the same network segment
Message-ID: <46C9423A.70101@clearchain.com>

Hi Folks,

I've got to route a network over an ipv4 tunnel between two machines which have their parent link on the same network segment. Everything works well except for people trying to access the external address of one of the link machines:

ie:

    Physical  120.1.1.2 (xl0) ---------------------------> 120.1.1.3 (sk0)
    Tunnel    192.168.3.1 (gif0) -------------->           192.168.0.1 (gif0)
                   |                                            |
              NET1 (xl1)                                   NET 2 (sk1)
              192.168.3.0/24                               192.168.0/24

Now anyone on net NET1 can talk to NET2 fine via a default route to gif0. However anyone on NET1 can't talk to 120.1.1.3 as routing tries to send via xl0 as it's on the same net and firewall rules prevent it. The default route for xl0 is gif0 with a link level route to the ip of sk0.

Anyone got an idea how to fully route xl1 via gif0? Including the parent physical address?

Cheers,
Benjamin