The FreeBSD Diary

FreeBSD Support
 Please help with pppd (routing)
Author: nov1ce 
Date:   24-10-05 13:50

Dear all,

Please help with pppd and routing. FreeBSD 5.4-STABLE, pppd with mgetty acting as dial-in server with one external modem. I can connect to server with no problem but it seems like routing doesn't work for dial-in user. I cannot even ping the ip address of dial-in server. Here is my configuration:

The IP address of dial-in server: 192.168.1.35/28
The end address of the PPP link is 192.168.1.41/28
The IP address to be assigned to dial-in user is 192.168.1.44/28

IP forwarding is on.
# sysctl -a | grep forward

net.inet.ip.forwarding: 1

# cat /etc/ppp/ppp.conf

default:
 set device /dev/cuaa0
 set log Phase Chat LCP IPCP CCP tun command
 enable passwdauth
 set speed 38400
 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\TTIMEOUT 40 CONNECT"
 set timeout 120
 set ifaddr 192.168.1.35/28 255.255.255.240 0.0.0.0
 add default HISADDR
 enable dns

cuaa0:
 set ifaddr 192.168.1.41 192.168.1.44
 enable passwdauth
 allow users ppp mef
 accept dns
 set dns 192.168.1.3
 enable proxy

ttyd0:
 set ifaddr 192.168.1.41 192.168.1.44
 enable passwdauth
 allow users testppp
 accept dns
 set dns 192.168.1.3
 enable proxy

pap:
 enable pap
 set ifaddr 192.168.1.41 192.168.1.44
 enable proxy
 enable passwdauth

ifconfig and netstat -rn information before ppp session:

# ifconfig
tl0: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.1.35 netmask 0xfffffff0 broadcast 192.168.1.47
        ether 00:50:8b:50:f2:0e
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000
tun0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500

# netstat -rn
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.33       UGS         1      499    tl0
127.0.0.1          127.0.0.1          UH          0       42    lo0
192.168.1.32/28    link#1             UC          0        0    tl0
192.168.1.33       00:09:7c:61:93:30  UHLW        1        0    tl0    953

ifconfig and netstat -rn information after ppp session:

# ifconfig

tl0: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.1.35 netmask 0xfffffff0 broadcast 192.168.1.47
        ether 00:50:8b:50:f2:0e
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
        inet 192.168.1.41 --> 192.168.1.44 netmask 0xfffffff0
        Opened by PID 747

# netstat -rn

Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.33       UGS         1      599    tl0
127.0.0.1          127.0.0.1          UH          0       42    lo0
192.168.1.32/28    link#1             UC          0        0    tl0
192.168.1.33       00:09:7c:61:93:30  UHLW        1        0    tl0   1002
192.168.1.44       192.168.1.41       UH          0        0   tun0
192.168.1.44       00:50:8b:50:f2:0e  UHLS2       0        0    tl0

Dial-in user receives 192.168.1.44 IP address but I cannot ping it from dial-in server:

PING 192.168.1.44 (192.168.1.44): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host

I think I made a mistake in "default:" section of ppp.conf. Please advise.

Thank you for your time.

 
 Re: Please help with pppd (routing)
Author: halber_mensch 
Date:   16-11-05 14:47

It's been a long time since I used ppp, and my ppp.conf I used to have got blown away... but maybe I can add some insight.

It looks like your thunderlan device on your client (tl0) is on the same ip net as the ppp tunnel. The 192.168.1.32/28 net covers the range of 192.168.1.32 to 192.168.1.47. 192.168.1.41 and 192.168.1.44 (the two ends of your ppp link) are covered by this range. What I would suppose is happening is that pinging from the server your packet is hitting the client's link, a reply is generated and then dumped onto the tl0 ethernet rather than back out through the ppp link since the tl0 link is ahead in the routing table on the client. I would suggest that you use a different rfc1918 net for the ppp link (10.0.0.0/24 e.g.), or for your client's LAN.

Reply To This Message
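Added example, not part of the original thread and not any poster's code: the address overlap described in the reply above, checked mechanically against the ifconfig output quoted in the question (trimmed to the inet lines). The function names parse_ifconfig and ppp_lan_overlaps are hypothetical; the check only reports overlap and does not prove it is the cause of the failed ping.

```python
import ipaddress
import re

# ifconfig output quoted from the question (after the PPP session), trimmed.
# Function and variable names below are hypothetical, chosen for this example.
IFCONFIG = """\
tl0: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.1.35 netmask 0xfffffff0 broadcast 192.168.1.47
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.41 --> 192.168.1.44 netmask 0xfffffff0
"""

IFACE = re.compile(r"^(\w+): flags=\w+<([^>]*)>")
INET = re.compile(r"^\s*inet (\S+)(?: --> (\S+))? netmask (0x[0-9a-f]{8})")


def parse_ifconfig(text):
    """Return one record per IPv4 address: iface, flags, local, peer, mask."""
    records, iface, flags = [], None, set()
    for line in text.splitlines():
        m = IFACE.match(line)
        if m:
            iface, flags = m.group(1), set(m.group(2).split(","))
            continue
        m = INET.match(line)
        if m and iface:
            records.append({
                "iface": iface, "flags": flags,
                "local": ipaddress.ip_address(m.group(1)),
                "peer": ipaddress.ip_address(m.group(2)) if m.group(2) else None,
                "mask": ipaddress.ip_address(int(m.group(3), 16)),
            })
    return records


def ppp_lan_overlaps(records):
    """List (p2p iface, address, lan iface, lan net) for each PPP endpoint
    that falls inside a broadcast interface's directly connected subnet."""
    lans = [(r["iface"], ipaddress.ip_network(f"{r['local']}/{r['mask']}", strict=False))
            for r in records if "BROADCAST" in r["flags"]]
    hits = []
    for r in records:
        if "POINTOPOINT" not in r["flags"]:
            continue
        for addr in (r["local"], r["peer"]):
            for lan_if, net in lans:
                if addr is not None and addr in net:
                    hits.append((r["iface"], str(addr), lan_if, str(net)))
    return hits
```

Calling ppp_lan_overlaps(parse_ifconfig(IFCONFIG)) reports both tun0 endpoints inside tl0's 192.168.1.32/28; renumbering the link into a separate net such as 10.0.0.0/24 makes the list empty.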
 
 Re: Please help with pppd (routing)
Author: bin 
Date:   22-01-06 21:24

192.168.1.44
I am getting an intrusion alert. The intrusion is attempted from this ip address.
