Date: Fri, 27 Jan 2006 14:25:35 +0100 From: Bob Kersten <bob_freebsd_questions@fellownet.com> To: Fabian Keil <freebsd-listen@fabiankeil.de> Cc: freebsd-questions@freebsd.org Subject: Re: VPN / Bridge Message-ID: <7D22F62E-5CEA-4B8A-BBB4-0C42AF93E975@fellownet.com> In-Reply-To: <20060125115737.6b3fc4e2@localhost> References: <E11CF724-B7BB-473B-B313-EBCFCB593424@fellownet.com> <20060124172803.398db141@localhost> <37771069-F2EF-402A-9542-B6784F494AE7@fellownet.com> <20060125115737.6b3fc4e2@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On 25-jan-2006, at 11:57, Fabian Keil wrote: > root@TP51 ~ #ifconfig gif0 tunnel 1.2.3.4 5.6.7.8 up > root@TP51 ~ #ifconfig bridge0 create > root@TP51 ~ #ifconfig bridge0 addm ndis0 addm gif0 up > root@TP51 ~ #ifconfig bridge0 > bridge0: flags=8043<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > ether ac:de:48:f4:4e:9c > priority 32768 hellotime 2 fwddelay 15 maxage 20 > member: gif0 flags=3<LEARNING,DISCOVER> > member: ndis0 flags=3<LEARNING,DISCOVER> > > BTW: man if_config says all members of the bridge are required to > have the same MTU, but ifconfig doesn't seem to check it. > My setup wouldn't work as gif0 has a MTU of 1280. Gjee ... I'm still not able to add the gif0 device to my bridge0. I'm using FreeBSD6.0 and I've fixed the mtu on my gif0 device to be 1500. These are the steps that I take: [/] root@spike> ifconfig gif0 create [/] root@spike> ifconfig gif0 tunnel 1.2.3.4 5.6.7.8 mtu 1500 up [/] root@spike> ifconfig bridge0 create [/] root@spike> ifconfig bridge0 addm fxp0 [/] root@spike> ifconfig bridge0 addm gif0 ifconfig: BRDGADD gif0: Invalid argument [/] root@spike> ifconfig fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 options=8<VLAN_MTU> inet6 fe80::202:a5ff:fe26:6e45%fxp0 prefixlen 64 scopeid 0x1 inet 192.168.100.101 netmask 0xffffff00 broadcast 192.168.100.255 ether 00:02:a5:26:6e:45 media: Ethernet autoselect (100baseTX <full-duplex>) status: active rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=8<VLAN_MTU> inet6 fe80::2e0:xxxx:xxxx:xxxx%rl0 prefixlen 64 scopeid 0x2 inet 1.2.3.4 netmask 0xfffffe00 broadcast 83.160.3.255 ether 00:e0:4c:a2:b5:f6 media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 tunnel inet 1.2.3.4 --> 5.6.7.8 inet6 fe80::202:a5ff:xxxx:xxxx%gif0 prefixlen 64 scopeid 0x4 bridge0: flags=8000<MULTICAST> mtu 1500 ether ac:de:48:ee:6a:cf priority 32768 hellotime 2 fwddelay 15 maxage 20 member: fxp0 flags=3<LEARNING,DISCOVER> The 'fake' ip addresses don't matter, it doesn't work with real addresses either. It seems as if gif0 is not accepted as 'real' ethernet device when trying to add it to the bridge. Maybe this isn't the right way to achive the VPN with all clients in the same subnet. Maybe there's a different solution necessary, or I'm doing something wrong, I don't know. Maybe someone could shed some light on this? Cheers, Bob.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7D22F62E-5CEA-4B8A-BBB4-0C42AF93E975>