Date: Thu, 15 Aug 2002 12:22:21 -0700 From: James Long <list@museum.rain.com> To: freebsd-questions@freebsd.org Subject: Forcing a specific tun device with ppp over ssh Message-ID: <20020815122221.A16348@ns.museum.rain.com>
next in thread | raw e-mail | index | archive | help
I'm doing ppp over ssh to create a VPN. The central VPN gateway has numerous /dev/tun interfaces to connect each remote LAN to the central LAN. I would like to start measuring VPN throughput on the central gateway, using MRTG. It seems that I would be well off to first ensure that each remote LAN always uses a specific /dev/tun interface, and then I can tell MRTG which interface is which and then it can give me pretty graphs. Volunteering my home LAN as the guinea pig, I find that most times, my LAN comes in on tun0 of the central server. To prove my powers of forcing this to be whichever tun I choose, I kill the "dialing" ppp session on my home gateway, change the ppp.conf on the central VPN server to force /dev/tun3, and then tell my home gateway to re-initiate the ppp session, and observe which interface gets used on the central server. I can't get it to use anything other than tun0. Here's the ppp.conf on the central server: default: # nothing, all commented out jglhome: set device /dev/tun3 set log Phase Chat LCP IPCP CCP tun command enable proxy set timeout 0 set ifaddr 172.16.1.31 172.16.1.32 255.255.255.255 add 172.16.16.0/24 HISADDR # and for example, another remote LAN's ppp settings: other_office: set device /dev/tun2 set log Phase Chat LCP IPCP CCP tun command enable proxy set timeout 0 set ifaddr 172.16.1.31 172.16.1.33 255.255.255.255 add 172.16.61.0/24 HISADDR My home (remote) gateway connects fine, but the central gateway insists that since tun0 is available, it's going to use that. The log is below. I have since found out that I can force a specific tun device by modifying the ppp command line with appears in the .ssh/authorized_keys file, saying -unit0 or -unit2 for /dev/tun0 or /dev/tun2, but I was hoping to accomplish this by modifying ppp.conf. Is there some voodoo I can use in ppp.conf to force each office's LAN to use a specific tun device, or do I have to do this through .ssh/authorized_keys? Thanks in advance, and thanks in arrears to Greg Bond for documenting the ppp-over-ssh setup I am using. Aug 15 11:33:51 ps ppp[27967]: Phase: Using interface: tun0 Aug 15 11:33:51 ps ppp[27967]: Phase: deflink: Created in closed state Aug 15 11:33:51 ps ppp[27967]: tun0: Command: jglhome: enable proxy Aug 15 11:33:51 ps ppp[27967]: tun0: Command: jglhome: set timeout 0 Aug 15 11:33:51 ps ppp[27967]: tun0: Command: jglhome: set ifaddr 172.16.1.31 172.16.1.32 255.255.255.255 Aug 15 11:33:51 ps ppp[27967]: tun0: Command: jglhome: add 172.16.16.0/24 HISADDR Aug 15 11:33:51 ps ppp[27967]: tun0: Phase: PPP Started (direct mode). Aug 15 11:33:51 ps ppp[27967]: tun0: Phase: bundle: Establish Aug 15 11:33:51 ps ppp[27967]: tun0: Phase: deflink: closed -> opening Aug 15 11:33:51 ps ppp[27967]: tun0: Phase: deflink: Connected! Aug 15 11:33:51 ps ppp[27967]: tun0: Phase: deflink: opening -> carrier Aug 15 11:33:51 ps ppp[27967]: tun0: Phase: deflink: carrier -> lcp Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: FSM: Using "deflink" as a transport Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: deflink: State change Initial --> Closed Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: deflink: State change Closed --> Stopped Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: deflink: RecvConfigReq(1) state = Stopped Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: ACFCOMP[2] Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: PROTOCOMP[2] Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: ACCMAP[6] 0x00000000 Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: MRU[4] 1500 Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: MAGICNUM[6] 0xe184cad8 Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: deflink: SendConfigReq(1) state = Stopped Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: ACFCOMP[2] Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: PROTOCOMP[2] Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: ACCMAP[6] 0x00000000 Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: MRU[4] 1500 Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: MAGICNUM[6] 0x28d6a43f Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: deflink: SendConfigAck(1) state = Stopped Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: ACFCOMP[2] Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: PROTOCOMP[2] Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: ACCMAP[6] 0x00000000 Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: MRU[4] 1500 Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: MAGICNUM[6] 0xe184cad8 Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: deflink: LayerStart Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: deflink: State change Stopped --> Ack-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: deflink: RecvConfigAck(1) state = Ack-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: deflink: State change Ack-Sent --> Opened Aug 15 11:33:51 ps ppp[27967]: tun0: LCP: deflink: LayerUp Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: FSM: Using "deflink" as a transport Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: State change Initial --> Closed Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: LayerStart. Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: MPPE: Not usable without CHAP81 Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: SendConfigReq(1) state = Closed Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: DEFLATE[4] win 15 Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: PRED1[2] Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: State change Closed --> Req-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: Phase: deflink: lcp -> open Aug 15 11:33:51 ps ppp[27967]: tun0: Phase: bundle: Network Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: FSM: Using "deflink" as a transport Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: deflink: State change Initial --> Closed Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: deflink: LayerStart. Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: deflink: SendConfigReq(1) state = Closed Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: IPADDR[6] 172.16.1.31 Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: COMPPROTO[6] 16 VJ slots with slot compression Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: deflink: State change Closed --> Req-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: RecvConfigReq(1) state = Req-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: DEFLATE[4] win 15 Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: PRED1[2] Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: SendConfigRej(1) state = Req-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: PRED1[2] Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: deflink: RecvConfigReq(1) state = Req-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: IPADDR[6] 172.16.1.32 Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: COMPPROTO[6] 16 VJ slots with slot compression Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: deflink: SendConfigAck(1) state = Req-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: IPADDR[6] 172.16.1.32 Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: COMPPROTO[6] 16 VJ slots with slot compression Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: deflink: State change Req-Sent --> Ack-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: RecvConfigRej(1) state = Req-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: PRED1[2] Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: MPPE: Not usable without CHAP81 Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: SendConfigReq(2) state = Req-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: DEFLATE[4] win 15 Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: deflink: RecvConfigAck(1) state = Ack-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: deflink: State change Ack-Sent --> Opened Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: deflink: LayerUp. Aug 15 11:33:51 ps ppp[27967]: tun0: IPCP: myaddr 172.16.1.31 hisaddr = 172.16.1.32 Aug 15 11:33:51 ps ppp[27967]: tun0: Phase: Found interface fxp0 for 172.16.1.32 Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: RecvConfigReq(2) state = Req-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: DEFLATE[4] win 15 Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: SendConfigAck(2) state = Req-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: DEFLATE[4] win 15 Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: State change Req-Sent --> Ack-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: RecvConfigAck(2) state = Ack-Sent Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: State change Ack-Sent --> Opened Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: LayerUp. Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: Deflate: Input channel reset Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: Deflate: Output channel reset Aug 15 11:33:51 ps ppp[27967]: tun0: CCP: deflink: Out = DEFLATE[26], In = DEFLATE[26] Aug 15 11:40:51 ps ppp[27967]: tun0: IPCP: deflink: RecvTerminateReq(2) state = Opened Aug 15 11:40:51 ps ppp[27967]: tun0: IPCP: deflink: LayerDown: 172.16.1.31 Aug 15 11:40:51 ps ppp[27967]: tun0: IPCP: deflink: SendTerminateAck(2) state = Opened Aug 15 11:40:51 ps ppp[27967]: tun0: IPCP: deflink: State change Opened --> Stopping Aug 15 11:40:52 ps ppp[27967]: tun0: LCP: deflink: RecvTerminateReq(2) state = Opened Aug 15 11:40:52 ps ppp[27967]: tun0: LCP: deflink: LayerDown Aug 15 11:40:52 ps ppp[27967]: tun0: LCP: deflink: SendTerminateAck(2) state = Opened Aug 15 11:40:52 ps ppp[27967]: tun0: LCP: deflink: State change Opened --> Stopping Aug 15 11:40:52 ps ppp[27967]: tun0: CCP: deflink: LayerDown. Aug 15 11:40:52 ps ppp[27967]: tun0: CCP: deflink: State change Opened --> Starting Aug 15 11:40:52 ps ppp[27967]: tun0: CCP: deflink: LayerFinish. Aug 15 11:40:52 ps ppp[27967]: tun0: CCP: deflink: State change Starting --> Initial Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: deflink: open -> lcp Aug 15 11:40:52 ps ppp[27967]: tun0: IPCP: deflink: State change Stopping --> Starting Aug 15 11:40:52 ps ppp[27967]: tun0: IPCP: deflink: LayerFinish. Aug 15 11:40:52 ps ppp[27967]: tun0: IPCP: Connect time: 421 secs: 3498 octets in, 4632 octets out Aug 15 11:40:52 ps ppp[27967]: tun0: IPCP: : 32 packets in, 36 packets out Aug 15 11:40:52 ps ppp[27967]: tun0: IPCP: total 19 bytes/sec, peak 806 bytes/sec on Thu Aug 15 11:40:13 2002 Aug 15 11:40:52 ps ppp[27967]: tun0: IPCP: deflink: State change Starting --> Initial Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: bundle: Terminate Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: deflink: read (0): Got zero bytes Aug 15 11:40:52 ps ppp[27967]: tun0: LCP: deflink: State change Stopping --> Starting Aug 15 11:40:52 ps ppp[27967]: tun0: LCP: deflink: LayerFinish Aug 15 11:40:52 ps ppp[27967]: tun0: LCP: deflink: State change Starting --> Initial Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: deflink: Disconnected! Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: deflink: Connect time: 421 secs: 1953 octets in, 2478 octets out Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: deflink: : 37 packets in, 46 packets out Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: total 10 bytes/sec, peak 561 bytes/sec on Thu Aug 15 11:33:52 2002 Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: deflink: lcp -> closed Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: bundle: Dead Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: PPP Terminated (normal). Aug 15 11:40:52 ps ppp[27967]: tun0: Phase: Found interface fxp0 for 172.16.1.32 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020815122221.A16348>