Date: Fri, 18 Apr 2003 23:22:09 +0100
From: Chris Luke <chrisy@flix.net>
To: Brett Glass <brett@lariat.org>
Cc: freebsd-net@freebsd.org
Subject: Re: Userland PPP/PPTP tunneling problem
Message-ID: <20030418222209.GA39709@flix.net>
In-Reply-To: <4.3.2.7.2.20030418111623.02819bd0@localhost>
References: <0AF1BBDF1218F14E9B4CCE414744E70F07DE93@exchange.wanglobal.net> <4.3.2.7.2.20030418111623.02819bd0@localhost>

Brett Glass wrote (on Apr 18):
> Yes, but broadcast is needed for ARP. To tunnel effectively,
> you need to be able to ARP (for example) the printer on the
> LAN you're tunneling into.

Tunnels are point-to-point connections. Each end of the link has
an address, even if inherited from another interface, and these
addresses are either known in advance, or exchanged or negotiated
by a higher-level protocol, such as the negotiation stuff in PPP.

Thus the address of the far end is known, and is entered as a route
into the forwarding table. eg:

    chrisy@brae[~]> ifconfig ng1
    ng1: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1500
            inet 207.162.200.1 --> 207.162.200.2 netmask 0xffffffff

The "-->" notation denotes a point-to-point interface where the
address is known ahead of time. There's no need to map a layer2
address - there isn't one, in any case. The interface driver just
sends the packets blindly down the line (virtual or not.)

There's no MAC addresses involved, ergo no ARP, no need to broadcast.

Generally, avoiding anything broadcast-like over any sort of wan-like
interface is a good thing.

Chris.
--
== chrisy@flix.net