IPv4 over IPv4 on the same network segment
mnslinky at gmail.com
Mon Aug 20 02:46:15 PDT 2007
On Aug 20, 2007, at 2:26 AM, Benjamin Close wrote:
> Hi Folks,
> I've got to route a network over an ipv4 tunnel between two
> machines which have their parent link on the same network segment.
> Everything works well except for people trying to access the
> external address of one of the link machines: ie:
> Physical 126.96.36.199 (xl0) ---------------------------> 188.8.131.52
>          192.168.3.1 (gif0)  -------------->              192.168.0.1 (gif0)
>               |                                                |
>          NET1 (xl1)                                       NET 2 (sk1)
>          192.168.3.0/24                                   192.168.0/24
> Now anyone on net NET1 can talk to NET2 fine via a default route to
> gif0. However anyone on NET1 can't talk to 184.108.40.206 as routing
> tries to send via xl0 as it's on the same net and firewall rules
> prevent it. The default route for xl0 is gif0 with a link level
> route to the ip of sk0.
> Anyone got an idea how to fully route xl1 via gif0? Including the
> parent physical address?
I wouldn't use gif0 as the default route, but rather the physical
interface. Your system should automatically become aware of the new
/24 networks when you create the gif tunnel.
I'm assuming, 220.127.116.11 can ping 18.104.22.168? If so, can either
machine ping 192.168.0.1 and 192.168.3.1? If that's the case, simply
setting gateway_enable="YES" in /etc/rc.conf should allow all the
necessary packets to go to the correct destination. FWIW, if you do
want to set the default across the gif tunnel, the other end will
have to be able to handle all the internet-bound traffic.
Eric F Crist
Secure Computing Networks
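
The route selection discussed in this thread, as an added example that is not part of either message: a longest-prefix-match lookup run against the question's setup (default route via gif0) and the reply's suggestion (default route via the physical interface). The 203.0.113.x and 198.51.100.x addresses are constructed placeholders for the shared segment and an Internet host, and the NET2 route through gif0 in the second table is assumed to be installed.

```python
import ipaddress

# Constructed placeholders (RFC 5737 documentation ranges); the 192.168.x.x
# networks are the tunnel and LAN addresses quoted in the thread.
SEGMENT = "203.0.113.0/24"      # shared physical segment (xl0 side)
PEER_PHYSICAL = "203.0.113.2"   # peer's address on that segment
NET2_HOST = "192.168.0.10"      # some host on NET2
INTERNET_HOST = "198.51.100.7"  # some off-segment destination

def lookup(table, dst):
    """Longest-prefix match: interface of the most specific matching route."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(prefix), ifname)
               for prefix, ifname in table
               if addr in ipaddress.ip_network(prefix)]
    if not matches:
        return None  # no route to host
    return max(matches, key=lambda m: m[0].prefixlen)[1]

# NET1 gateway as described in the question: default route through the tunnel.
QUESTION_TABLE = [
    ("0.0.0.0/0", "gif0"),
    (SEGMENT, "xl0"),             # connected route for the shared segment
    ("192.168.3.0/24", "xl1"),    # NET1, directly attached
    ("192.168.0.1/32", "gif0"),   # inner address of the tunnel peer
]

# NET1 gateway as suggested in the reply: default via the physical interface.
REPLY_TABLE = [
    ("0.0.0.0/0", "xl0"),
    (SEGMENT, "xl0"),
    ("192.168.3.0/24", "xl1"),
    ("192.168.0.0/24", "gif0"),   # NET2 via the tunnel (assumed installed)
]

def egress_report(table):
    """Egress interface chosen for each destination of interest."""
    return {dst: lookup(table, dst)
            for dst in (NET2_HOST, PEER_PHYSICAL, INTERNET_HOST)}

if __name__ == "__main__":
    for name, table in (("question", QUESTION_TABLE), ("reply", REPLY_TABLE)):
        print(name, egress_report(table))
```

In both tables the peer's physical address leaves via xl0, because the connected /24 is more specific than any default route, so the firewall rules on xl0 have to account for that traffic either way.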