Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 12 Feb 2010 17:09:40 -0500
From:      David Horn <dhorn2000@gmail.com>
To:        Brett Glass <brett@lariat.net>
Cc:        "Li, Qing" <qing.li@bluecoat.com>, net@freebsd.org
Subject:   Re: Routing problems on VPN servers running FreeBSD 8.0-RELEASE
Message-ID:  <25ff90d61002121409m6a9d7639qf254a754644a60ca@mail.gmail.com>
In-Reply-To: <201002122133.OAA16835@lariat.net>
References:  <201002122133.OAA16835@lariat.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Fri, Feb 12, 2010 at 4:32 PM, Brett Glass <brett@lariat.net> wrote:
> Qing:
>
> Last night, I updated an 8.0-RELEASE test machine to 8.0-RELENG using csup,

If you have not already, make certain you use the appropriate tag of
"RELENG_8", and not "RELENG_8_0" as per:
http://www.freebsd.org/doc/handbook/cvs-tags.html

Since what you are needing for this particular test is 8-STABLE. You
can use csup(1) to get the latest stable source as follows:

csup -h <enter cvsup mirror hostname here>
/usr/share/examples/cvsup/stable-supfile

You can get the list of csup/cvsup mirrors here:
http://www.freebsd.org/doc/handbook/cvsup.html#CVSUP-MIRRORS

> and then rebuilt the world and the kernel. I then tested both ppp(8) (with
> PoPTop) and mpd 5.3 on the machine. (I did not recompile mpd, but ppp(8) was
> of course recompiled when I rebuilt the world.)
>
> Proxy ARP for users tunneling into the LAN via a PPTP VPN did not work. mpd
> produced no error message, but it did not create the proxy arp entry and the
> VPN connection was immediately broken.
>
> ppp(8) gave the error message
>
> Feb 12 14:16:02 <daemon.err> tester ppp[1078]: tun0: Error: Add proxy arp
> entry <address>: File exists
>
> and then disconnected. Connections for which firewall NAT (rather than proxy
> arp) was used seemed to function properly. Unfortunately, this isn't an
> acceptable workaround for machines that need full access when tunneling
> through a firewall.
>
> I've been told that the ARP and routing changes are new to 8.0-RELEASE.
> Therefore, we may abandon 8-STABLE and try 7.3-RELEASE (assuming that we can
> find drivers for our hardware) if we can't get routing and ARP to work with
> the various PPP implementations soon. Please let me know if you can
> implement changes that will help us use 8-STABLE.
>
> --Brett Glass
>

Good Luck.

---Dave

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?25ff90d61002121409m6a9d7639qf254a754644a60ca>