Routing problems on VPN servers running FreeBSD 8.0-RELEASE
David Horn
dhorn2000 at gmail.com
Fri Feb 12 22:37:49 UTC 2010
On Fri, Feb 12, 2010 at 4:32 PM, Brett Glass <brett at lariat.net> wrote:
> Qing:
>
> Last night, I updated an 8.0-RELEASE test machine to 8.0-RELENG using csup,
If you have not already, make certain you use the appropriate tag of
"RELENG_8", and not "RELENG_8_0" as per:
http://www.freebsd.org/doc/handbook/cvs-tags.html
Since what you are needing for this particular test is 8-STABLE. You
can use csup(1) to get the latest stable source as follows:
csup -h <enter cvsup mirror hostname here>
/usr/share/examples/cvsup/stable-supfile
You can get the list of csup/cvsup mirrors here:
http://www.freebsd.org/doc/handbook/cvsup.html#CVSUP-MIRRORS
> and then rebuilt the world and the kernel. I then tested both ppp(8) (with
> PoPTop) and mpd 5.3 on the machine. (I did not recompile mpd, but ppp(8) was
> of course recompiled when I rebuilt the world.)
>
> Proxy ARP for users tunneling into the LAN via a PPTP VPN did not work. mpd
> produced no error message, but it did not create the proxy arp entry and the
> VPN connection was immediately broken.
>
> ppp(8) gave the error message
>
> Feb 12 14:16:02 <daemon.err> tester ppp[1078]: tun0: Error: Add proxy arp
> entry <address>: File exists
>
> and then disconnected. Connections for which firewall NAT (rather than proxy
> arp) was used seemed to function properly. Unfortunately, this isn't an
> acceptable workaround for machines that need full access when tunneling
> through a firewall.
>
> I've been told that the ARP and routing changes are new to 8.0-RELEASE.
> Therefore, we may abandon 8-STABLE and try 7.3-RELEASE (assuming that we can
> find drivers for our hardware) if we can't get routing and ARP to work with
> the various PPP implementations soon. Please let me know if you can
> implement changes that will help us use 8-STABLE.
>
> --Brett Glass
>
Good Luck.
---Dave
More information about the freebsd-net
mailing list