From owner-freebsd-questions@FreeBSD.ORG  Thu Feb 10 07:57:19 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BD66716A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 10 Feb 2005 07:57:19 +0000 (GMT)
Received: from toybox.fyremoon.net (toybox.fyremoon.net [209.61.186.20])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 432A743D31
	for <freebsd-questions@freebsd.org>;
	Thu, 10 Feb 2005 07:57:19 +0000 (GMT)
	(envelope-from jadz@toybox.fyremoon.net)
Received: from localhost (jadz@localhost)
	by toybox.fyremoon.net (8.11.6/8.11.7) with ESMTP id j1A7vG728252;
	Thu, 10 Feb 2005 07:57:17 GMT
Date: Thu, 10 Feb 2005 07:57:15 +0000 (GMT)
From: jadz@toybox.fyremoon.net
To: tinc@tinc-vpn.org, <freebsd-questions@freebsd.org>
Message-ID: <Pine.LNX.4.44.0502100730530.27160-100000@toybox.fyremoon.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Subject: IP packets with source address of 0.0.0.0
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Feb 2005 07:57:19 -0000

Hi,

I've got a bit of a weird one I've not figured out yet, so thought I'd
come see if you guys can help.  I've just added a new box to an existing
tinc vpn.  The vpn consists of some debian Linux and freebsd 5.2 and 5.3
boxes.  All boxes are running tinc 1.0.2.

The box I've just added is the first and only fbsd 5.3 box on the vpn.  
tinc on the fbsd5.3 box seems to happily connect to the vpn, but
connections to the other systems on the vpn cannot be initiated from it.  
The reason seems to be that the packets coming from the box over the vpn
have a source address of 0.0.0.0.  Thats clearly why no packets get
returned by the other vpn sites.

The if_tap device on the fbsd 5.3 box seems to be configured fine:

tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet6 fe80::2bd:fff:fe33:100%tap0 prefixlen 64 scopeid 0x4 
        inet 10.0.5.1 netmask 0xffffff00 broadcast 10.0.5.255
        ether 00:bd:0f:33:01:00
        Opened by PID 3174

I've had a quick look at the routing table and everything is fine there.  
Using tcpdump on one of the other vpn sites confirms the packets are 
getting to it, so they are being routed over the vpn correctly:

# tcpdump -i tap0 
tcpdump: listening on tap0
08:44:24.847529 0.0.0.0 > 10.0.3.1: icmp: echo request
08:44:25.803251 0.0.0.0 > 10.0.3.1: icmp: echo request
08:44:26.818328 0.0.0.0 > 10.0.3.1: icmp: echo request
08:44:27.822987 0.0.0.0 > 10.0.3.1: icmp: echo request
08:44:28.841233 0.0.0.0 > 10.0.3.1: icmp: echo request


5 packets received by filter
0 packets dropped by kernel
# 

In the above example you can see ping packets arriving over the vpn from 
the fbsd 5.3 box.  the destination address is good, but the source address 
is 0.0.0.0, which is the problem

I've done some googling to no joy, so I'm hoping someone out there has 
some ideas.

hope you guys can help
jadzy