From owner-freebsd-net@FreeBSD.ORG  Mon Jan 19 11:43:54 2009
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5E083106567B
	for <freebsd-net@freebsd.org>; Mon, 19 Jan 2009 11:43:54 +0000 (UTC)
	(envelope-from lists.br@gmail.com)
Received: from mail-gx0-f21.google.com (mail-gx0-f21.google.com
	[209.85.217.21])
	by mx1.freebsd.org (Postfix) with ESMTP id F1FBF8FC08
	for <freebsd-net@freebsd.org>; Mon, 19 Jan 2009 11:43:53 +0000 (UTC)
	(envelope-from lists.br@gmail.com)
Received: by gxk14 with SMTP id 14so3020932gxk.19
	for <freebsd-net@freebsd.org>; Mon, 19 Jan 2009 03:43:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:received:message-id:from:to:references
	:subject:date:mime-version:content-type:content-transfer-encoding
	:x-priority:x-msmail-priority:x-mailer:x-mimeole;
	bh=kTPTZRqjMUkhO2tWPq9O8QIbG1G8bBd0ds0ok1JoEuQ=;
	b=nJRzxnmytO23vR3XXMNwwVK6E8Y+QlqoaXomJaU954wfoUHC74aUKX7ihm+iatMt8o
	79NYwqXkQjN7xMJ0mUbiszFSpkglrZG4dmIQ29ZDvyzG5X/4ekrrnSN2yiQ0Yle4zAxW
	kluGStwU3ntQdVXx8BTtJ4iL4Aok0V0EaAqj8=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=message-id:from:to:references:subject:date:mime-version
	:content-type:content-transfer-encoding:x-priority:x-msmail-priority
	:x-mailer:x-mimeole;
	b=bAVBKNLjL1McE5o9mmSRtr+BHgQaxNMDLfQxZjb09Zs/t7nexh2povM5Z8zwSykxWs
	okl+j585+HWPhvFxGnMBkfwRhC8lVCZYbwfl1ztdEaiRerW8Zp/1268nibiyOhxZo+QU
	UJtc4khQcfw1mpqNIXZrO2VRcTdKgT8L3sk4Q=
Received: by 10.90.104.20 with SMTP id b20mr2336769agc.109.1232365433276;
	Mon, 19 Jan 2009 03:43:53 -0800 (PST)
Received: from adnote989 (189-46-93-120.dsl.telesp.net.br [189.46.93.120])
	by mx.google.com with ESMTPS id 6sm3522009agb.17.2009.01.19.03.43.51
	(version=TLSv1/SSLv3 cipher=RC4-MD5);
	Mon, 19 Jan 2009 03:43:52 -0800 (PST)
Message-ID: <57035D79EA5741B58D56B9C514B934EA@adnote989>
From: "Luiz Otavio O Souza" <lists.br@gmail.com>
To: "Randy Bush" <randy@psg.com>,
	<freebsd-net@freebsd.org>
References: <4973F9AE.8080209@psg.com>
	<6B3AC73E801141BFB11EE7CA33E74D94@adnote989>
	<49745F92.90806@psg.com>
Date: Mon, 19 Jan 2009 09:43:45 -0200
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
	reply-type=response
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
Cc: 
Subject: Re: arp_proxy: ignoring request
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Jan 2009 11:43:54 -0000

> On 09.01.19 20:05, Luiz Otavio O Souza wrote:
>>> soekris 5501 8-current Jan 15 13:08 GMT, post arp changes
>>>
>>> FreeBSD soek0.psg.com 8.0-CURRENT FreeBSD 8.0-CURRENT #4: Thu Jan 15
>>> 14:15:24 UTC 2009 root@soek0.psg.com:/usr/obj/usr/src/sys/SOEK0 i386
>>>
>>> Jan 18 00:00:04 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.10 via vr2, expecting bridge0
>>> Jan 18 00:02:10 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.10 via vr2, expecting bridge0
>>> Jan 18 00:02:23 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.10 via vr2, expecting bridge0
>>> Jan 18 00:08:06 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.12 via wlan0, expecting bridge0
>>> Jan 18 00:08:10 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.10 via vr2, expecting bridge0
>>> Jan 18 00:12:22 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.30 via wlan0, expecting bridge0
>>> Jan 18 00:14:10 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.10 via vr2, expecting bridge0
>>> Jan 18 00:19:26 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.10 via vr2, expecting bridge0
>>> Jan 18 00:19:39 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.28 via vr3, expecting bridge0
>>> Jan 18 00:20:10 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.10 via vr2, expecting bridge0
>>> Jan 18 00:23:13 soek0 kernel: arp_proxy: ignoring request from
>>> 192.168.0.10 via vr2, expecting bridge0
>>>
>>> .----------------.
>>> | |
>>> | b --wlan0|
>>> | r | 192.168.0.0/24
>>> ext iij | i --- vr1| LAN hosts,
>>> PPP/NAT ---|vr0--- d | DHCP Clients
>>> WAN | g --- vr2| pptp 200-209
>>> | e | ,..
>>> | 0 --- vr3|
>>> | |
>>> `----------------'
>>>
>>> wlans_ath0=wlan0
>>> create_args_wlan0="wlanmode hostap channel 11 ssid rgnet-aden wep
>>> wepkey yourekidding weptxkey 1 media autoselect mode 11g up"
>>> cloned_interfaces=bridge0
>>> ifconfig_bridge0="192.168.0.1 addm vr1 addm vr2 addm vr3 addm wlan0
>>> addm wlan1 up"
>>> ifconfig_vr1=up
>>> ifconfig_vr2=up
>>> ifconfig_vr3=up
>>> gateway_enable=YES
>>> pptpd_enable=YES
>>> arpproxy_all=YES
>>
>> Why are you using arpproxy with bridge ? the bridge shoudn't do it ?
>
> blindly following poptop instructions i found somewhere.  should i nuke 
> it?
>
> randy

Yeah, this is not need in an environment like yours.

You need the proxy arp only for pptp connections (vpns). this will make the 
peer address looks like it is on your local network.

As long as i know, the proxy arp for ppp(8) is broken, but you can use this 
as a workaround for this. This bug is on my todo list...

Create these two scripts:

# cat /usr/local/sbin/vpn_on.sh
#!/bin/sh

/usr/sbin/arp -s "${1}" 00:15:17:1c:91:a8 pub

# cat /usr/local/sbin/vpn_off.sh
#!/bin/sh

/usr/sbin/arp -d "${1}"

And set these two files:

# cat /etc/ppp/ppp.linkup
pptp:
 !bg /usr/local/sbin/vpn_on.sh HISADDR

# cat /etc/ppp/ppp.linkdown
pptp:
 !bg /usr/local/sbin/vpn_off.sh HISADDR


Set the correct label on ppp.linkup and ppp.linkdown files and the bridge0 
mac address on vpn_on. the 00:15:17:1c:91:a8 is my internal nic.

Anyway put the enable proxy on /etc/ppp.conf (it is not working now, but i 
expect to see this working soon).

Luiz
ps: redirecting to freebsd-net@ as this has nothing to do with current.