From owner-freebsd-questions@FreeBSD.ORG  Fri Nov 28 07:42:48 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B3D9216A4CE
	for <questions@freebsd.org>; Fri, 28 Nov 2003 07:42:48 -0800 (PST)
Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A253B43F75
	for <questions@freebsd.org>; Fri, 28 Nov 2003 07:42:46 -0800 (PST)
	(envelope-from fgleiser@cactus.fi.uba.ar)
Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108])
	by cactus.fi.uba.ar (8.12.3/8.12.3) with ESMTP id hASFgStf071001
	for <questions@freebsd.org>; Fri, 28 Nov 2003 12:42:28 -0300 (ART)
	(envelope-from fgleiser@cactus.fi.uba.ar)
Date: Fri, 28 Nov 2003 12:42:28 -0300 (ART)
From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar>
To: questions@freebsd.org
Message-ID: <20031128122236.F70945-100000@cactus.fi.uba.ar>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Scanned-By: MIMEDefang 2.37
Subject: Problems with mpd in pptp mode
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Nov 2003 15:42:48 -0000
X-List-Received-Date: Fri, 28 Nov 2003 15:42:48 -0000
X-List-Received-Date: Fri, 28 Nov 2003 15:42:48 -0000

I'm trying to set up mpd as a pptp client to a remote server.

It authenticates right and setts up the tunnel, but it doesn't quite
work.

I narrowed the problem to sone nasty routing problem, because the pptp
server's IP, as defined in mpd.links is the same as the remote ip
of the ng1 interface.

In detail:

my client: dynamic IP given my my ISP.
pptp server: a.b.c.d

once I run mpd, I get the following:

ng1: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1458
	inet a.b.e.f --> a.b.c.d netmask 0xffffffff
        inet6 fe80::250:daff:fe76:62e5%ng1 prefixlen 64 scopeid 0x9

as you see, the pptp server's ip is the same as the remote ptp one.

After that, the box tries to route all traffic to a.b.c.d via ng1 including
the gre packets and the ones before encapsulation.

here's a tcpdump snippet of what happens:

bash-2.05b# tcpdump -nli ng1
tcpdump: listening on ng1
12:22:59.027790 external > a.b.c.d: gre [KAv1] ID:d03c A:15 [|gre]
12:23:02.587838 external > a.b.c.d: gre [KAv1] ID:d03c A:16 [|gre]
12:23:02.820064 a.b.e.f > a.b.c.d: icmp: echo request
12:23:03.827900 a.b.e.f > a.b.c.d: icmp: echo request
12:23:04.837908 a.b.e.f > a.b.c.d: icmp: echo request
12:23:05.137864 external > a.b.c.d: gre [KAv1] ID:d03c A:17 [|gre]
12:23:05.847928 a.b.e.f > a.b.c.d: icmp: echo request
12:23:06.857961 a.b.e.f > a.b.c.d: icmp: echo request
12:23:07.867965 a.b.e.f > a.b.c.d: icmp: echo request
12:23:08.027909 external > a.b.c.d: gre [KAv1] ID:d03c A:18 [|gre]
12:23:08.877974 a.b.e.f > a.b.c.d: icmp: echo request
12:23:09.887987 a.b.e.f > a.b.c.d: icmp: echo request

The icmp are fine, but the gre packets shouldn't be there.


It seems to me I should delete the actual route to a.b.c.d and replace
it with a route via my actual default gateway. That way, all packets to
the remote peer would go out via xl0 (external interface) and no via
ng1 (the tunnel), but I'm not sure about how I can do it.

Thanks in advance.



				Fer