Routing problems on VPN servers running FreeBSD 8.0-RELEASE
Brett Glass
brett at lariat.net
Fri Feb 12 21:33:59 UTC 2010
Qing:
Last night, I updated an 8.0-RELEASE test machine to 8.0-RELENG
using csup, and then rebuilt the world and the kernel. I then
tested both ppp(8) (with PoPTop) and mpd 5.3 on the machine. (I did
not recompile mpd, but ppp(8) was of course recompiled when I
rebuilt the world.)
Proxy ARP for users tunneling into the LAN via a PPTP VPN did not
work. mpd produced no error message, but it did not create the
proxy arp entry and the VPN connection was immediately broken.
ppp(8) gave the error message
Feb 12 14:16:02 <daemon.err> tester ppp[1078]: tun0: Error: Add
proxy arp entry <address>: File exists
and then disconnected. Connections for which firewall NAT (rather
than proxy arp) was used seemed to function properly.
Unfortunately, this isn't an acceptable workaround for machines
that need full access when tunneling through a firewall.
I've been told that the ARP and routing changes are new to
8.0-RELEASE. Therefore, we may abandon 8-STABLE and try 7.3-RELEASE
(assuming that we can find drivers for our hardware) if we can't
get routing and ARP to work with the various PPP implementations
soon. Please let me know if you can implement changes that will
help us use 8-STABLE.
--Brett Glass
More information about the freebsd-net
mailing list