Date: Thu, 24 Dec 2009 10:48:11 -0800 From: Julian Elischer <julian@elischer.org> To: Xin LI <delphij@gmail.com> Cc: freebsd-net@freebsd.org, FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: Routing question (GRE packet vs normal traceroute)? Message-ID: <4B33B76B.5070600@elischer.org> In-Reply-To: <a78074950912240038n19cf1780v5c780c636a998225@mail.gmail.com> References: <a78074950912240038n19cf1780v5c780c636a998225@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Xin LI wrote: > Hi, > > A friend of mine has encountered some problem in his setup which > consists a pair of GRE peer, one running on OpenBSD and another > running FreeBSD 7.2-RELEASE; with 7.2-STABLE, there is no improvement > over the situation. The problem we have observed seems to be related > to GRE packet not being routed as observed, here is some details: > > - The FreeBSD box has one network interface connected to two (2) > upstream network, with different IP and does not belong to the same > subnet, say, one is 1.2.3.4/24 and another is 5.6.7.8/24 > - The default gateway can be reached through the first IP address > bound to the network interface; > - An explicit route has been configured to the OpenBSD host, the > gateway being used can be reached directly via the secondary (aliased > 5.6.7.8/24) IP. > - Both the default gateway and the explicit host route can reach the > OpenBSD route. > > The problem they had is, while traceroute to the OpenBSD host can give > the desired result, however, packets that is supposed to be > transferred through the GRE tunnel, while they will be encapsulated > into a GRE packet, the GRE packet itself won't go to the explicit host > route, but end up going to the default gateway. > > The friend has configured his switch to "bounce" the packet back to > the server by configuring a host route on L3 switch, and it seems that > the FreeBSD box is able to route the GRE packet to its desired gateway > this time. > > Any suggestions? there is a hack in the GRE code "that you can turn off" where the GRE envelope is looking up the address of the peer *WITH THE LAST BIT SWITCHED* try adding a route to the address of the openBSD host with /31 (not 32) I forget how to turn it off but th man page says. there IS a good reason for it if you want packets for the OpenBSD host itself to go through the tunnel.. Then you need to not use that address itself or you get a routing loop. > > Cheers,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B33B76B.5070600>