Also, if I use openvpn with a tun0 (link0) instead of gif, packets pass through the tunnel. Although there are still some other problems because the broadcast for arp seems to change from ff:ff:ff:ff:ff:ff to 0:0:0:2:ff:ff.

Renaud Allard wrote:
> It should be noted that when I put an ip on each sis1 interface, they
> can ping each other through the if tunnel. Only the arp packets from the
> lan don't seem to pass. Is this a bug or am I missing something?
>
> Renaud Allard wrote:
>> When sniffing on gif0 (tcpdump -ttt -n -e -i gif0), I get:
>> Apr 12 17:28:53.857812
>> Apr 12 17:28:53.860054
>> Apr 12 17:28:53.893533
>> Apr 12 17:28:53.976284
>> Apr 12 17:28:54.023758
>> Apr 12 17:28:54.024148
>> Apr 12 17:28:54.024565
>> Apr 12 17:28:54.079725
>> Apr 12 17:28:54.094511
>> Apr 12 17:28:54.145102
>>
>> Nothing more. Has someone any idea on why I don't see the packets?
>>
>> I tried setting the gif0 mtu to 1500 in case this could be a mtu
>> problem, but I still get the same thing. ARP broadcasts don't seem to
>> pass through the tunnel.
>>
>> Renaud Allard wrote:
>>> Hello,
>>>
>>> I have a setup like this:
>>>
>>> ***********************
>>> router1
>>> hostname.gif0: up tunnel 172.17.0.170 195.16.12.50
>>> hostname.sis0: inet 172.17.0.170 255.255.0.0 NONE
>>> hostname.sis1: up
>>> bridgename.bridge0: add gif0
>>> add sis1
>>> up
>>>
>>> ipsec.conf: ike esp proto etherip from 172.17.0.170 to 195.16.12.50
>>>
>>> # netstat -nr | tail -2
>>> 195.16.12.50/32 0 172.17.0.170/32 0 97
>>> 195.16.12.50/esp/use/in
>>> 172.17.0.170/32 0 195.16.12.50/32 0 97
>>> 195.16.12.50/esp/require/out
>>>
>>> # brconfig
>>>
>>> bridge0: flags=41<UP,RUNNING>
>>> priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto
>>> rstp
>>> sis1 flags=3<LEARNING,DISCOVER>
>>> port 2 ifpriority 0 ifcost 0
>>> gif0 flags=3<LEARNING,DISCOVER>
>>> port 14 ifpriority 0 ifcost 0
>>> Addresses (max cache: 100, timeout: 240):
>>> 00:11:85:25:fa:00 sis1 1 flags=0<>
>>> 00:11:85:21:09:40 sis1 1 flags=0<>
>>> 00:30:05:d1:17:58 sis1 1 flags=0<>
>>> etc
>>>
>>> ***********************
>>>
>>> router2
>>> hostname.gif0: up tunnel 195.16.12.50 172.17.0.170
>>> hostname.sis0: inet 195.16.12.50 255.255.254.0 NONE
>>> hostname.sis1: up
>>> bridgename.bridge0: add gif0
>>> add sis1
>>> up
>>>
>>> ipsec.conf: ike esp proto etherip from 195.16.12.50 to 172.17.0.170
>>>
>>> # netstat -nr | tail -2
>>> 172.17.0.170/32 0 195.16.12.50/32 0 97
>>> 172.17.0.170/esp/use/in
>>> 195.16.12.50/32 0 172.17.0.170/32 0 97
>>> 172.17.0.170/esp/require/out
>>>
>>> # brconfig
>>> bridge0: flags=41<UP,RUNNING>
>>> priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto
>>> rstp
>>> sis1 flags=3<LEARNING,DISCOVER>
>>> port 2 ifpriority 0 ifcost 0
>>> gif0 flags=3<LEARNING,DISCOVER>
>>> port 10 ifpriority 0 ifcost 0
>>> Addresses (max cache: 100, timeout: 240):
>>> 00:09:6b:45:27:59 sis1 1 flags=0<>
>>>
>>> *************************
>>>
>>> If I do "tcpdump -ttt -n -e -vv -i gif0" on both routers, I see some
>>> traffic. But this is only local traffic, no packet is forwarded between
>>> both routers. If I do a tcpdump on the only router between router1 and
>>> router2, I see no traffic except the ipsec negotiation.
>>>
>>> I changed net.inet.ip.forwarding=1 and net.inet.etherip.allow=1 but it
>>> did not help.
>>>
>>> Is something wrong with my configuration?