|
|
Hi Leonid
Leonid Satanovsky wrote:
> well.... hope this'll make sense better than prev. messages )
>
> (SIMPLIFIED CONFIGURATION INFO)
> We have 2 gateways: Win GW an FreeBSD GW.
> 192.168.254.6 is Win GW tunnel endpoint (tun interface)
> 192.168.254.5 is FreeBSD GW tunnel endpoint (tun interface)
>
> <I> Configuration details are in the attachment.>
> (STATE 1)
> After arp table at the Win GW is flushed - I loose
> ability to ping any of its interfaces from the FreeBSD gateway...
> And got this strange output of "arp -a" at Win GW when I start pinging
> from FreeBSD to Win:
> <...>
> Interface: 192.168.254.6 --- 0x100006
> Internet Address Physical Address Type
> 192.168.254.5 00-00-00-00-00-00 invalid
> <...>
>
> <I> There is a "tcpdump" of both Win GW and FreeBSD GW tunnel endpoints
> in the attachment.
....
> No. Time Source Destination Protocol Info
> 1 0.000000 192.168.254.5 192.168.254.6 ICMP Echo (ping) request
>
> Frame 1 (98 bytes on wire, 98 bytes captured)
> Ethernet II, Src: 00:ff:c2:05:91:35 (00:ff:c2:05:91:35), Dst: 00:ff:c1:05:91:35 (00:ff:c1:05:91:35)
> Internet Protocol, Src: 192.168.254.5 (192.168.254.5), Dst: 192.168.254.6 (192.168.254.6)
> Internet Control Message Protocol
>
> No. Time Source Destination Protocol Info
> 2 0.000331 00:ff:c1:05:91:35 Broadcast ARP Who has 192.168.254.5? Tell 192.168.254.6
OK arp information for the other end of the tunnel is missing.
>
>
>
> Frame 2 (42 bytes on wire, 42 bytes captured)
> Ethernet II, Src: 00:ff:c1:05:91:35 (00:ff:c1:05:91:35), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
> Address Resolution Protocol (request)
>
> No. Time Source Destination Protocol Info
> 3 0.000440 00:ff:c2:05:91:35 00:ff:c1:05:91:35 ARP 192.168.254.5 is at 00:ff:c2:05:91:35
But here the arp table gets updated, does it show in the arp table display?
>
> Frame 3 (42 bytes on wire, 42 bytes captured)
> Ethernet II, Src: 00:ff:c2:05:91:35 (00:ff:c2:05:91:35), Dst: 00:ff:c1:05:91:35 (00:ff:c1:05:91:35)
> Address Resolution Protocol (reply)
Where is the ICMP echo reply ?????
>
> No. Time Source Destination Protocol Info
> 4 0.987389 192.168.254.5 192.168.254.6 ICMP Echo (ping) request
>
> (STATE 2)
> Only after I ping from 192.168.254.6 to 192.168.254.5 I get
> ability to ping from 192.168.254.5 to 192.168.254.6 ...
Does this imply that the windoze machine only sends an arp request when
it is actively trying to access the other end of the tunnel? That would
explain the behaviour.
> but just for a TTL of dynamic arp-record at the Win GW.
> Routing tables at both gateways remain the same as in (1), so, I guess,
> it is not an issue of routing...
> After the arp-record at Win GW is flushed i return to state (1).
> or, sometimes, go to the state (3) :]
That might be better anyway :-)
This sounds like a Windoze issue. It is normal, that an arp table gets
flushed, but why is it not refreshed anymore. Do you see any arp
requests when the system goes back to state 1 or are they just lost. See
question above.
Maybe you have to refer to a windoze guru.
There is one thing that caught my eye on your last message, I dismissed
it though as either my misunderstanding or irrelevancy. From the address
information it looked like the subnet on the BSD side (tun) differed
from the one on windoze.
> tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
> inet 192.168.254.5 --> 192.168.254.6 netmask 0xffffffff
> Opened by PID 1768
>
> Ethernet adapter kot:
>
> Connection-specific DNS Suffix . :
> IP Address. . . . . . . . . . . . : 192.168.254.6
> Subnet Mask . . . . . . . . . . . : 255.255.255.252
> Default Gateway . . . . . . . . . :
I also saw you renamed your tun interface on the windoze end. I never
did this and have no idea if it matters (probably not).
>
> (STATE 3)
> Listen to Jethro Tull and have a cup of tea.
'Dharma for one' or rather 'Bourree' ?
Erich
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-10/msg00070.html on line 295
Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-10/msg00070.html on line 295
|