Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 18 Feb 2002 21:17:58 -0800 (PST)
From:      Archie Cobbs <archie@dellroad.org>
To:        Justin Hawkins <justin@hawkins.dropbear.id.au>
Cc:        archie@dellroad.org, freebsd-net@FreeBSD.ORG
Subject:   Re: mpd-netgraph as VPN client to Cisco 2500
Message-ID:  <200202190517.g1J5Hwn93991@arch20m.dellroad.org>
In-Reply-To: <20020219133856.J90345-100000@tardis.everard.bogus> "from Justin Hawkins at Feb 19, 2002 01:43:15 pm"
next in thread | previous in thread | raw e-mail | index | archive | help 
Justin Hawkins writes:
> > Yes, this is the same problem. Mpd and the kernel have both
> > been modified since that posting:
> >
> > - mpd will disallow the 'fatal' scenario
> > - the 'fatal' scenario is no longer fatal, i.e., instead of the
> >   kernel panicing, it will just return the 'deadlock avoided'
> >   error
> >
> > Unfortunately, there is no fix for this yet. However you can
> > try one trick, which is to set up a host route to the remote
> > IP address via your default gateway. I'm not sure if this will
> > work but it might (please report success/failure if you try it).
> 
> I had a quick try just then, but I'm on the 'wrong' side of the link, so I
> managed to lock myself out for a while :-)
> 
> Will try again later when I'm at home.
> 
> Is this a hard thing to fix 'properly'? There was implied that some kernel
> changes were needed in that previous post.

One semi-proper fix is for mpd to install a host route as described
above (assuming that works). But you won't get packets between the
two PPTP hosts encrypted (if you're doing that); packets going
to other hosts through the tunnel will be though.

The kernel doesn't know how to look into a packet to see if it's
already been encapsulated or not, and say "if this packet to X has
been encapsulated, then send it this way, otherwise send it that way".
It only routes based on destination IP address, and in the case
we're talking about they dest. IP is the same in both encapsulated
and non-encapsulated forms.

-Archie

__________________________________________________________________________
Archie Cobbs     *     Packet Design     *     http://www.packetdesign.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200202190517.g1J5Hwn93991>