From owner-freebsd-net@FreeBSD.ORG  Wed May  6 19:30:52 2015
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 37A34285;
 Wed,  6 May 2015 19:30:52 +0000 (UTC)
Received: from mail-yh0-x232.google.com (mail-yh0-x232.google.com
 [IPv6:2607:f8b0:4002:c01::232])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id EAD3F12CA;
 Wed,  6 May 2015 19:30:51 +0000 (UTC)
Received: by yhcb70 with SMTP id b70so5193519yhc.0;
 Wed, 06 May 2015 12:30:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=BtwdJestcOF48NYzjvAVkqG1EH+1C1Sr3+pL7BAqbuM=;
 b=yyE+XbVMh2PpIGYmrJ3+qaiiX1WQkM1qdOWVOYmsn6QGn4lghucgDVJ8B7IjJqMV5l
 aFUUuJGaZSxhLDNQ9MOgXRAruhBMG0NE+/ef/r4n6RX4ySGOnuUnCWVG4LyIhuKex5o9
 +LHi+gQMitDTi9i/wCCIqFWXBcQoZUh4JY7qaXv9fKanb9QWL9NyhuWQab5WSsMXKIU1
 SXlaiz9oYizAksNV7U0VNpW/j8d5cgPMp6OlZSS3qzACuVz2nL+2sZA1VNuC0dfn43X3
 R3TwVi5tLNbmY9MjyFO18sz54VLzxfAUCfXRvemQtg8QwqCNcMq/weNZfnhQskCqEABz
 NFrg==
MIME-Version: 1.0
X-Received: by 10.236.206.113 with SMTP id k77mr186645yho.177.1430940650907;
 Wed, 06 May 2015 12:30:50 -0700 (PDT)
Received: by 10.13.252.6 with HTTP; Wed, 6 May 2015 12:30:50 -0700 (PDT)
In-Reply-To: <554A4AA1.4070109@FreeBSD.org>
References: <CABUmD9toVsmOo=sfosBO2Tv_ZU35odpM5MNaLNtzZhZpAXLjgQ@mail.gmail.com>
 <554A4AA1.4070109@FreeBSD.org>
Date: Wed, 6 May 2015 21:30:50 +0200
Message-ID: <CABUmD9ufyCxvWXWQU=6mmFSZKRrWYZ=YGzf9=g7aJn0-9VKaPA@mail.gmail.com>
Subject: Re: FreeBSD makes linux think other subet is in same lan.
From: Martin Larsson <martin.larsson2@gmail.com>
To: "Andrey V. Elsukov" <ae@freebsd.org>
Cc: freebsd-net@freebsd.org
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.20
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 06 May 2015 19:30:52 -0000

Yes.

root@fjuttsi:~ #  setkey -D
85.230.59.213 194.41.121.12
        esp mode=tunnel spi=1120293717(0x42c65355) reqid=1(0x00000001)
        E: rijndael-cbc  41c6cbe5 4de2a11f e6e57092 58251b2c b51272ba
90f5a84a b9a121db eaf79bb0
        A: hmac-sha2-256  5ca5b365 4ca57b11 239d2487 6def4b97 e6bf2949
ea198f6a 97bf5165 4076f66a
        seq=0x000000b6 replay=4 flags=0x00000000 state=mature
        created: May  6 21:00:03 2015   current: May  6 21:29:01 2015
        diff: 1738(s)   hard: 3600(s)   soft: 3057(s)
        last: May  6 21:28:48 2015      hard: 0(s)      soft: 0(s)
        current: 26296(bytes)   hard: 0(bytes)  soft: 0(bytes)
        allocated: 182  hard: 0 soft: 0
        sadb_seq=1 pid=9279 refcnt=2
194.41.121.12 85.230.59.213
        esp mode=tunnel spi=3371580414(0xc8f63bfe) reqid=1(0x00000001)
        E: rijndael-cbc  69c241be 9465927f a3204ccb 806ee040 69296c1c
1851459a 49d1bba0 fa479454
        A: hmac-sha2-256  5621f6ec 85027965 e20f7db0 279c2085 4a2c7061
561afcc2 f4a843d1 cffaf27f
        seq=0x00000076 replay=4 flags=0x00000000 state=mature
        created: May  6 21:00:03 2015   current: May  6 21:29:01 2015
        diff: 1738(s)   hard: 3600(s)   soft: 2560(s)
        last: May  6 21:28:45 2015      hard: 0(s)      soft: 0(s)
        current: 10940(bytes)   hard: 0(bytes)  soft: 0(bytes)
        allocated: 118  hard: 0 soft: 0
        sadb_seq=0 pid=9279 refcnt=1
root@fjuttsi:~ # setkey -DP
10.11.12.0/24[any] 192.168.1.0/24[any] any
        in ipsec
        esp/tunnel/194.41.121.12-85.230.59.213/unique:1
        created: May  6 21:00:03 2015  lastused: May  6 21:00:03 2015
        lifetime: 9223372036854775807(s) validtime: 0(s)
        spid=2198 seq=1 pid=9282
        refcnt=1
192.168.1.0/24[any] 10.11.12.0/24[any] any
        out ipsec
        esp/tunnel/85.230.59.213-194.41.121.12/unique:1
        created: May  6 21:00:03 2015  lastused: May  6 21:29:07 2015
        lifetime: 9223372036854775807(s) validtime: 0(s)
        spid=2197 seq=0 pid=9282
        refcnt=1
root@fjuttsi:~ # netstat -rnf inet
Routing tables

Internet:
Destination        Gateway            Flags      Netif Expire
default            85.230.56.1        UGS         re0
10.11.12.0/24      192.168.1.1        UGS         em0
85.230.56.0/22     link#2             U           re0
85.230.59.213      link#2             UHS         lo0
127.0.0.1          link#3             UH          lo0
192.168.1.0/24     link#1             U           em0
192.168.1.1        link#1             UHS         lo0
192.168.1.3        link#1             UHS         lo0



On Wed, May 6, 2015 at 7:08 PM, Andrey V. Elsukov <ae@freebsd.org> wrote:

> On 06.05.2015 15:51, Martin Larsson wrote:
> > This is a small summary of
> >
> https://forums.freebsd.org/threads/routing-issue-with-ipsec-windows-works-linux-doesnt.51201/
>
> Can you provide run-time configuration from your FreeBSD gateway?
>
> # setkey -D
> # setkey -DP
> # netstat -rnf inet
>
> --
> WBR, Andrey V. Elsukov
>
>