When sniffing on gif0 (tcpdump -ttt -n -e -i gif0), I get:

Apr 12 17:28:53.857812
Apr 12 17:28:53.860054
Apr 12 17:28:53.893533
Apr 12 17:28:53.976284
Apr 12 17:28:54.023758
Apr 12 17:28:54.024148
Apr 12 17:28:54.024565
Apr 12 17:28:54.079725
Apr 12 17:28:54.094511
Apr 12 17:28:54.145102
Nothing more. Does anyone have any idea why I don't see the packets? I tried setting the gif0 MTU to 1500 in case this could be an MTU problem, but I still get the same thing. ARP broadcasts don't seem to pass through the tunnel.

Renaud Allard wrote:
> Hello,
>
> I have a setup like this:
>
> ***********************
> router1
> hostname.gif0: up tunnel 172.17.0.170 195.16.12.50
> hostname.sis0: inet 172.17.0.170 255.255.0.0 NONE
> hostname.sis1: up
> bridgename.bridge0: add gif0
> add sis1
> up
>
> ipsec.conf: ike esp proto etherip from 172.17.0.170 to 195.16.12.50
>
> # netstat -nr | tail -2
> 195.16.12.50/32 0 172.17.0.170/32 0 97
> 195.16.12.50/esp/use/in
> 172.17.0.170/32 0 195.16.12.50/32 0 97
> 195.16.12.50/esp/require/out
>
> # brconfig
>
>
> bridge0: flags=41<UP,RUNNING>
> priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto
> rstp
> sis1 flags=3<LEARNING,DISCOVER>
> port 2 ifpriority 0 ifcost 0
> gif0 flags=3<LEARNING,DISCOVER>
> port 14 ifpriority 0 ifcost 0
> Addresses (max cache: 100, timeout: 240):
> 00:11:85:25:fa:00 sis1 1 flags=0<>
> 00:11:85:21:09:40 sis1 1 flags=0<>
> 00:30:05:d1:17:58 sis1 1 flags=0<>
> etc
>
> ***********************
>
> router2
> hostname.gif0: up tunnel 195.16.12.50 172.17.0.170
> hostname.sis0: inet 195.16.12.50 255.255.254.0 NONE
> hostname.sis1: up
> bridgename.bridge0: add gif0
> add sis1
> up
>
> ipsec.conf: ike esp proto etherip from 195.16.12.50 to 172.17.0.170
>
> # netstat -nr | tail -2
> 172.17.0.170/32 0 195.16.12.50/32 0 97
> 172.17.0.170/esp/use/in
> 195.16.12.50/32 0 172.17.0.170/32 0 97
> 172.17.0.170/esp/require/out
>
> # brconfig
> bridge0: flags=41<UP,RUNNING>
> priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto
> rstp
> sis1 flags=3<LEARNING,DISCOVER>
> port 2 ifpriority 0 ifcost 0
> gif0 flags=3<LEARNING,DISCOVER>
> port 10 ifpriority 0 ifcost 0
> Addresses (max cache: 100, timeout: 240):
> 00:09:6b:45:27:59 sis1 1 flags=0<>
>
>
> *************************
>
>
> If I do "tcpdump -ttt -n -e -vv -i gif0" on both routers, I see some
> traffic. But this is only local traffic, no packet is forwarded between
> both routers. If I do a tcpdump on the only router between router1 and
> router2, I see no traffic except the ipsec negotiation.
>
> I changed net.inet.ip.forwarding=1 and net.inet.etherip.allow=1 but it
> did not help.
>
> Is something wrong with my configuration?