Date: Fri, 27 Jan 2006 15:07:38 +0100 From: Fabian Keil <freebsd-listen@fabiankeil.de> To: Bob Kersten <bob_freebsd_questions@fellownet.com> Cc: freebsd-questions@freebsd.org Subject: Re: VPN / Bridge Message-ID: <20060127150738.2619a80c@localhost> In-Reply-To: <7D22F62E-5CEA-4B8A-BBB4-0C42AF93E975@fellownet.com> References: <E11CF724-B7BB-473B-B313-EBCFCB593424@fellownet.com> <20060124172803.398db141@localhost> <37771069-F2EF-402A-9542-B6784F494AE7@fellownet.com> <20060125115737.6b3fc4e2@localhost> <7D22F62E-5CEA-4B8A-BBB4-0C42AF93E975@fellownet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_qWOWOO9tt=CnrpH1QKQPITo Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Bob Kersten <bob_freebsd_questions@fellownet.com> wrote: > On 25-jan-2006, at 11:57, Fabian Keil wrote: >=20 > > root@TP51 ~ #ifconfig gif0 tunnel 1.2.3.4 5.6.7.8 up > > root@TP51 ~ #ifconfig bridge0 create > > root@TP51 ~ #ifconfig bridge0 addm ndis0 addm gif0 up > > root@TP51 ~ #ifconfig bridge0 > > bridge0: flags=3D8043<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > ether ac:de:48:f4:4e:9c > > priority 32768 hellotime 2 fwddelay 15 maxage 20 > > member: gif0 flags=3D3<LEARNING,DISCOVER> > > member: ndis0 flags=3D3<LEARNING,DISCOVER> > > > > BTW: man if_config says all members of the bridge are required to > > have the same MTU, but ifconfig doesn't seem to check it. > > My setup wouldn't work as gif0 has a MTU of 1280. >=20 > Gjee ... I'm still not able to add the gif0 device to my bridge0. >=20 > I'm using FreeBSD6.0 and I've fixed the mtu on my gif0 device to be =20 > 1500. These are the steps that I take: >=20 > [/] root@spike> ifconfig gif0 create > [/] root@spike> ifconfig gif0 tunnel 1.2.3.4 5.6.7.8 mtu 1500 up > [/] root@spike> ifconfig bridge0 create > [/] root@spike> ifconfig bridge0 addm fxp0 > [/] root@spike> ifconfig bridge0 addm gif0 > ifconfig: BRDGADD gif0: Invalid argument >=20 > [/] root@spike> ifconfig > fxp0: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu =20 > 1500 > options=3D8<VLAN_MTU> > inet6 fe80::202:a5ff:fe26:6e45%fxp0 prefixlen 64 scopeid 0x1 > inet 192.168.100.101 netmask 0xffffff00 broadcast =20 > 192.168.100.255 > ether 00:02:a5:26:6e:45 > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > rl0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > options=3D8<VLAN_MTU> > inet6 fe80::2e0:xxxx:xxxx:xxxx%rl0 prefixlen 64 scopeid 0x2 > inet 1.2.3.4 netmask 0xfffffe00 broadcast 83.160.3.255 > ether 00:e0:4c:a2:b5:f6 > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > lo0: flags=3D8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 > inet 127.0.0.1 netmask 0xff000000 > gif0: flags=3D8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 > tunnel inet 1.2.3.4 --> 5.6.7.8 > inet6 fe80::202:a5ff:xxxx:xxxx%gif0 prefixlen 64 scopeid 0x4 > bridge0: flags=3D8000<MULTICAST> mtu 1500 > ether ac:de:48:ee:6a:cf > priority 32768 hellotime 2 fwddelay 15 maxage 20 > member: fxp0 flags=3D3<LEARNING,DISCOVER> >=20 > The 'fake' ip addresses don't matter, it doesn't work with real =20 > addresses either. It seems as if gif0 is not accepted as 'real' =20 > ethernet device when trying to add it to the bridge. Maybe this > isn't the right way to achive the VPN with all clients in the same > subnet. I don't know if it means anything, but our bridges seem to be different. Yours doesn't have the broadcast flag. Fabian --=20 http://www.fabiankeil.de/ --Sig_qWOWOO9tt=CnrpH1QKQPITo Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFD2ik1jV8GA4rMKUQRAnsvAKDcRR05B2icFqjCb3CSSKp/0QAXcACgjkaq 3g6NQLCUnF3cqSipBuhaO7Y= =D6kU -----END PGP SIGNATURE----- --Sig_qWOWOO9tt=CnrpH1QKQPITo--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060127150738.2619a80c>