From owner-freebsd-net@FreeBSD.ORG Fri Feb 12 22:37:49 2010 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9EAEA106566C for ; Fri, 12 Feb 2010 22:37:49 +0000 (UTC) (envelope-from dhorn2000@gmail.com) Received: from mail-fx0-f228.google.com (mail-fx0-f228.google.com [209.85.220.228]) by mx1.freebsd.org (Postfix) with ESMTP id 33FCF8FC12 for ; Fri, 12 Feb 2010 22:37:48 +0000 (UTC) Received: by fxm28 with SMTP id 28so1228889fxm.34 for ; Fri, 12 Feb 2010 14:37:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=YuySTatYWE2Xrh0B2RtHLyVKv5/cG1xBgtZqr0BON0E=; b=TUgxfTA7mql5QSINCzyYW9pRvbpwS5vPOR5LcJ4x2V4q4XXXxnQ7RU9vLWjQZtmMtt p/0OjmB2RNoP6XzgPUmFH55OMP1TDkqC+fLFoWQAMqORg+2RtdaH6ITNhLcD/0WMzKOx rIpx7kPHQ6qy7cuLuWk56S6msE7cSgSSxBj7g= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=ZB7ms7by4so+xeqA2/ATenY7u+Ev6VFUNeCmArOz0WTq3TUIcQsgeOPPc5i4FV3IMg r63Tf2eLjkchgLjpdAU5y//EencGArwgGGothWEiNE9k3cc86z5PpAiDPj1f/dajdsC0 uzubNV1xy29pHjX9cAx1oASMyyl4wVsqPFPa8= MIME-Version: 1.0 Received: by 10.239.185.6 with SMTP id a6mr231267hbh.31.1266012580368; Fri, 12 Feb 2010 14:09:40 -0800 (PST) In-Reply-To: <201002122133.OAA16835@lariat.net> References: <201002122133.OAA16835@lariat.net> Date: Fri, 12 Feb 2010 17:09:40 -0500 Message-ID: <25ff90d61002121409m6a9d7639qf254a754644a60ca@mail.gmail.com> From: David Horn To: Brett Glass Content-Type: text/plain; charset=ISO-8859-1 Cc: "Li, Qing" , net@freebsd.org Subject: Re: Routing problems on VPN servers running FreeBSD 8.0-RELEASE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Feb 2010 22:37:49 -0000 On Fri, Feb 12, 2010 at 4:32 PM, Brett Glass wrote: > Qing: > > Last night, I updated an 8.0-RELEASE test machine to 8.0-RELENG using csup, If you have not already, make certain you use the appropriate tag of "RELENG_8", and not "RELENG_8_0" as per: http://www.freebsd.org/doc/handbook/cvs-tags.html Since what you are needing for this particular test is 8-STABLE. You can use csup(1) to get the latest stable source as follows: csup -h /usr/share/examples/cvsup/stable-supfile You can get the list of csup/cvsup mirrors here: http://www.freebsd.org/doc/handbook/cvsup.html#CVSUP-MIRRORS > and then rebuilt the world and the kernel. I then tested both ppp(8) (with > PoPTop) and mpd 5.3 on the machine. (I did not recompile mpd, but ppp(8) was > of course recompiled when I rebuilt the world.) > > Proxy ARP for users tunneling into the LAN via a PPTP VPN did not work. mpd > produced no error message, but it did not create the proxy arp entry and the > VPN connection was immediately broken. > > ppp(8) gave the error message > > Feb 12 14:16:02 tester ppp[1078]: tun0: Error: Add proxy arp > entry
: File exists > > and then disconnected. Connections for which firewall NAT (rather than proxy > arp) was used seemed to function properly. Unfortunately, this isn't an > acceptable workaround for machines that need full access when tunneling > through a firewall. > > I've been told that the ARP and routing changes are new to 8.0-RELEASE. > Therefore, we may abandon 8-STABLE and try 7.3-RELEASE (assuming that we can > find drivers for our hardware) if we can't get routing and ARP to work with > the various PPP implementations soon. Please let me know if you can > implement changes that will help us use 8-STABLE. > > --Brett Glass > Good Luck. ---Dave