From: Chris Luke
To: Brett Glass
Cc: freebsd-net@freebsd.org
Date: Fri, 18 Apr 2003 23:22:09 +0100
Subject: Re: Userland PPP/PPTP tunneling problem
Message-ID: <20030418222209.GA39709@flix.net>

Brett Glass wrote (on Apr 18):
> Yes, but broadcast is needed for ARP. To tunnel effectively,
> you need to be able to ARP (for example) the printer on the
> LAN you're tunneling into.

Tunnels are point-to-point connections. Each end of the link has an
address, even if inherited from another interface, and these addresses
are either known in advance, or exchanged or negotiated by a
higher-level protocol, such as the negotiation stuff in PPP.

Thus the address of the far end is known, and is entered as a route
into the forwarding table. E.g.:

    chrisy@brae[~]> ifconfig ng1
    ng1: flags=88d1 mtu 1500
            inet 207.162.200.1 --> 207.162.200.2 netmask 0xffffffff

The "-->" notation denotes a point-to-point interface where the
address is known ahead of time. There's no need to map a layer 2
address - there isn't one, in any case. The interface driver just
sends the packets blindly down the line (virtual or not). There are
no MAC addresses involved, ergo no ARP, no need to broadcast.

Generally, avoiding anything broadcast-like over any sort of WAN-like
interface is a good thing.

Chris.
-- 
== chrisy@flix.net