From: Ruslan Ermilov
Date: Wed, 12 Apr 2000 15:19:50 +0300
To: Julian Elischer
Cc: net@FreeBSD.ORG, archie@wistle.com, brian@FreeBSD.ORG, Dru Nelson
Subject: Re: pptp over NAT? Impossible?

On Wed, Apr 12, 2000 at 05:02:06AM -0700, Julian Elischer wrote:
> Ruslan Ermilov wrote:
> >
> > On Wed, Apr 12, 2000 at 12:51:31PM +0300, Ruslan Ermilov wrote:
> > > On Wed, Apr 12, 2000 at 02:06:12AM -0700, Julian Elischer wrote:
> > > > I've been beating my head against a problem that I think
> > > > I suddenly understand..
> > > > I've been trying to run a pptp session out from an address translated
> > > > network (i.e. ppp -nat). It gets so far and then stops.
> > > > It has suddenly (after a day wasted) occurred to me that
> > > > maybe the ppp negotiation is being carried by GRE and that
> > > > I'm guessing that GRE is not translatable.. (At least by
> > > > ppp -nat). (what's happening is that the ppp negotiating packets are
> > > > getting lost in transit.)
> > > >
> > > GRE is supported in a different way, see `nat pptp [addr]' in ppp(8),
> > > and PacketAliasPptp() in libalias(3).
> > >
> > By the way, I see no reason why PPTP support is limited to only
> > one local IP address.  It *is* possible to improve PPTP support
> > by introducing the following interface:
> >
> > int PacketAliasPptp(
> >         struct in_addr local_addr,
> >         struct in_addr remote_addr,
> >         struct in_addr alias_addr
> > );
> >
> > where `local_addr', `alias_addr' and `remote_addr' are of the same
> > semantics as in PacketAliasRedirectPort() (see libalias(3) manpage).
> >
> > If Brian does not mind, I will implement this, then patch natd(8),
> > wait until Brian prepares patches for ppp(8), commit the change to
> > libalias(3), bump library's major number, and commit the rest to
> > natd(8) and ppp(8).
> >
> > Comments?
>
> Makes sense to me as it is quite possible that GRE/PPTP could be
> coming from several different internal machines.
>
> BTW shouldn't this be called PacketAliasGRE instead?
>
Nope, since PacketAliasPptp() supports IPPROTO_GRE, IPPROTO_ESP
and IPPROTO_AH packets.

-- 
Ruslan Ermilov          Sysadmin and DBA of the
ru@ucb.crimea.ua        United Commercial Bank,
ru@FreeBSD.org          FreeBSD committer,
+380.652.247.647        Simferopol, Ukraine

http://www.FreeBSD.org  The Power To Serve
http://www.oracle.com   Enabling The Information Age
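
The following is an added example, not part of the original message and not libalias code. It sketches why a (local, remote, alias) triple lets several internal hosts use GRE, ESP or AH through one NAT. The names `addr_link`, `link_add`, `link_in` and `link_out` are hypothetical, and matching on addresses alone is an assumption of the sketch.

```c
#include <stddef.h>
#include <stdint.h>

/* IP protocol numbers of the port-less protocols named in the thread. */
enum { PROTO_GRE = 47, PROTO_ESP = 50, PROTO_AH = 51 };

/* Hypothetical mapping record; not libalias's internal structure. */
struct addr_link { uint32_t local_addr, remote_addr, alias_addr; };

#define MAX_LINKS 16
static struct addr_link links[MAX_LINKS];
static size_t nlinks;

static int portless(int proto)
{
    return proto == PROTO_GRE || proto == PROTO_ESP || proto == PROTO_AH;
}

/* Register a mapping: 0 on success, -1 if the table is full, -2 if another
 * local host already owns this (remote, alias) pair. Without ports, inbound
 * packets for that pair could not be told apart. */
int link_add(uint32_t local, uint32_t remote, uint32_t alias)
{
    for (size_t i = 0; i < nlinks; i++)
        if (links[i].remote_addr == remote && links[i].alias_addr == alias)
            return links[i].local_addr == local ? 0 : -2;
    if (nlinks == MAX_LINKS)
        return -1;
    links[nlinks++] = (struct addr_link){ local, remote, alias };
    return 0;
}

/* Inbound remote -> alias: local address to restore as destination, or 0. */
uint32_t link_in(int proto, uint32_t src, uint32_t dst)
{
    for (size_t i = 0; portless(proto) && i < nlinks; i++)
        if (links[i].remote_addr == src && links[i].alias_addr == dst)
            return links[i].local_addr;
    return 0;
}

/* Outbound packet local -> remote: alias address to use as source, or 0. */
uint32_t link_out(int proto, uint32_t src, uint32_t dst)
{
    for (size_t i = 0; portless(proto) && i < nlinks; i++)
        if (links[i].local_addr == src && links[i].remote_addr == dst)
            return links[i].alias_addr;
    return 0;
}
```

Two internal hosts can share one alias address as long as they talk to different remote peers; a second host targeting the same peer is rejected here rather than silently stealing the first host's inbound traffic.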