RE: gif(4) and bpf(4)
From: Nickolay Kritsky (Nickolay.Kritsky_at_astra-sw.com)
Date: 01/25/05
- Previous message: Simon L. Nielsen: "enc(4) (was: Re: gif(4) and bpf(4))"
- Maybe in reply to: Jeremie Le Hen: "gif(4) and bpf(4)"
- Next in thread: Jeremie Le Hen: "Re: gif(4) and bpf(4)"
- Reply: Jeremie Le Hen: "Re: gif(4) and bpf(4)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 25 Jan 2005 19:18:51 +0300 To: "Jeremie Le Hen" <jeremie@le-hen.org>, <freebsd-net@freebsd.org>
Please do the following:
ping -r -S 192.168.1.1 192.168.4.13 >/dev/null 2>&1 &
netstat -I gif0 -w 1
and see if any packets are counted. If you are using IPSec, maybe your packets are encrypted before they go to gif. See this article:
http://groups-beta.google.com/group/sol.lists.freebsd.net/browse_frm/thread/de878d5a36d383f1/ffa608ca991d0c3c?q=tcpdump+gif+freebsd&_done=%2Fgroups%3Fq%3Dtcpdump+gif+freebsd%26&_doneTitle=Back+to+Search&&d#ffa608ca991d0c3c
Can you post your IPSec policy (with sensitive info removed, of course).
(Google rulez :-) )
Nick
-----Original Message-----
From: Jeremie Le Hen [mailto:jeremie@le-hen.org]
Sent: Tuesday, January 25, 2005 7:09 PM
To: Jeremie Le Hen; freebsd-net@freebsd.org
Subject: Re: gif(4) and bpf(4)
> Interesting. It seems gif isn't passing anything back at all. Can you verify
> that the routes for the addresses you're pinging traverse gif0? I'd
> probably also try csjp@'s bpfstat tool to get a closer look at what's
> going on in bpf.
Yes they are (network on the other side of the tunnel is 192.168.4.0/24) :
%%%
yoda:tools# netstat -rnf inet
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default <hidden gw> UGSc 24 17513460 ep0
<hidden net>/24 link#4 UC 1 0 ep0
<hidden ip> 127.0.0.1 UGHS 0 70 lo0
<hidden gw> 00:07:cb:0e:2e:70 UHLW 25 0 ep0 1188
127.0.0.1 127.0.0.1 UH 3 816372 lo0
192.168.0 link#2 UC 1 0 sis1
192.168.0.4 00:a0:cc:da:9f:62 UHLW 2 2188 sis1 625
192.168.1 link#1 UC 6 0 sis0
192.168.1.1 00:09:5b:1a:48:94 UHLW 1 31599 lo0
192.168.1.2 00:09:5b:1a:4f:4d UHLW 0 752 sis0 1199
192.168.1.25 00:04:23:89:e5:84 UHLW 0 562 sis0 353
192.168.1.53 00:04:23:89:e5:84 UHLW 2 167625 sis0 1156
192.168.1.222 00:04:23:89:e5:84 UHLW 2 7601091 sis0 262
192.168.1.255 ff:ff:ff:ff:ff:ff UHLWb 0 15 sis0
192.168.4 192.168.4.13 UGSc 0 691911 gif0
192.168.4.13 192.168.1.1 UH 3 6949 gif0
%%%
I got bpfstat on csjp@'s FreeBSD webpage, but it is designed to work
with devfs. Running RELENG_4, it just does not compile :-(.
> Also try assigning a local address to an instance of gif on the affected
> system and pinging a destination through it using the -r and -S options
> whilst running tcpdump to be sure.
Here is it, with the interface configuration :
%%%
yoda:sys# ifconfig gif0
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
tunnel inet <hidden ip> --> <hidden peer ip>
inet6 fe80::209:5bff:fe1a:4894%gif0 prefixlen 64 scopeid 0xa
inet 192.168.1.1 --> 192.168.4.13 netmask 0xffffff00
yoda:sys# ping -r -S 192.168.1.1 192.168.4.13 >/dev/null 2>&1 &
[1] 63095
yoda:sys# /usr/local/sbin/tcpdump -c 2 -ni ep0 'esp'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ep0, link-type EN10MB (Ethernet), capture size 96 bytes
17:06:09.008978 IP 82.233.239.98 > 82.66.245.132: ESP(spi=0x0f5d2cbd,seq=0x3a9)
17:06:09.046998 IP 82.66.245.132 > 82.233.239.98: ESP(spi=0x00439e94,seq=0x3a9)
2 packets captured
106 packets received by filter
0 packets dropped by kernel
yoda:sys# /usr/local/sbin/tcpdump -y null -c 2 -ni gif0 'esp'
tcpdump: data link type null
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on gif0, link-type NULL (BSD loopback), capture size 96 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
%%%
> Can you post the revision(s) of the source files? e.g.:
> src/sys/net/if_gif.c
> src/sys/netinet/in_gif.c
> src/sys/netinet6/in6_gif.c
> ...and uname -a?
I already looked on CVSweb, but I saw no relevant commit log.
%%%
yoda:sys# ident net/if_gif.c netinet/in_gif.c netinet6/in6_gif.c
net/if_gif.c:
$FreeBSD: src/sys/net/if_gif.c,v 1.4.2.15 2002/11/08 16:57:13 ume Exp $
$KAME: if_gif.c,v 1.87 2001/10/19 08:50:27 itojun Exp $
netinet/in_gif.c:
$FreeBSD: src/sys/netinet/in_gif.c,v 1.5.2.11 2003/01/23 21:06:45 sam Exp $
$KAME: in_gif.c,v 1.54 2001/05/14 14:02:16 itojun Exp $
netinet6/in6_gif.c:
$FreeBSD: src/sys/netinet6/in6_gif.c,v 1.2.2.7 2003/01/23 21:06:47 sam Exp $
$KAME: in6_gif.c,v 1.49 2001/05/14 14:02:17 itojun Exp $
yoda:sys# uname -a
FreeBSD yoda.tataz.chchile.org 4.10-STABLE FreeBSD 4.10-STABLE #44: Wed Jul 7 03:35:21 CEST 2004 root@yoda.tataz.chchile.org:/usr/src/sys/compile/YODA i386
%%%
> Hope this helps,
I hope too ;-).
Many thanks,
Regards,
-- Jeremie Le Hen jeremie@le-hen.org _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Simon L. Nielsen: "enc(4) (was: Re: gif(4) and bpf(4))"
- Maybe in reply to: Jeremie Le Hen: "gif(4) and bpf(4)"
- Next in thread: Jeremie Le Hen: "Re: gif(4) and bpf(4)"
- Reply: Jeremie Le Hen: "Re: gif(4) and bpf(4)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
