Date: Mon, 20 Aug 2007 04:46:07 -0500 From: Eric Crist <mnslinky@gmail.com> To: Benjamin Close <Benjamin.Close@clearchain.com> Cc: freebsd-questions@freebsd.org Subject: Re: IPv4 over IPV4 on the same network segment Message-ID: <7ABCB14C-5C6A-4091-B90F-59F16E5F7FAC@gmail.com> In-Reply-To: <46C9423A.70101@clearchain.com> References: <46C9423A.70101@clearchain.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Aug 20, 2007, at 2:26 AMAug 20, 2007, Benjamin Close wrote: > > Hi Folks, > I've got to route a network over an ipv4 tunnel between to > machines which have their parent link on the same network segment. > Everything works well except for people trying to access the > external address of one of the link machines: ie: > > > Physical 120.1.1.2 (xl0)---------------------------> 120.1.1.3 > (sk0) > Tunnel > 192.168.3.1(gif0) --------------> 192.168.0.1 (gif0) > | | > NET1 (xl1) NET 2 (sk1) > 192.168.3.0/24 192.168.0/24 > > Now anyone on net NET1 can talk to NET2 fine via a default route to > gif0. However anyone on NET1 can't talk to 120.1.1.3 as routing > tries to send via xl0 as it's on the same net and firewall rules > prevent it.The default route for xl0 is gif0 with a link level > route to the ip of sk0. > > Anyone got an idea how to fully route xl1 via gif0? Including the > parent physical address? > Benjamin, I wouldn't use gif0 as the default route, but rather the physical interface. Your system should automatically become aware of the new / 24 networks when you create the gif tunnel. I'm assuming, 120.1.1.2 can ping 120.1.1.3? If so, can either machine ping 192.168.0.1 and 192.168.3.1? If that's the case, simply setting gateway_enable="YES" in /etc/rc.conf should allow all the necessary packets to go to the correct destination. FWIW, if you do want to set the default across the gif tunnel, the other end will have to be able to handle all the internet-bound traffic. HTH ----- Eric F Crist Secure Computing Networks
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7ABCB14C-5C6A-4091-B90F-59F16E5F7FAC>