* [Comm] linux&VPN
@ 2003-08-06 18:03 Alexander V. Teplych
0 siblings, 0 replies; only message in thread
From: Alexander V. Teplych @ 2003-08-06 18:03 UTC (permalink / raw)
To: COMM
Есть:
локальная сеть 192.168.4.0/24
клиент - 192.168.4.29
сервер - 192.168.4.1
то есть физический IP = IP VPN сервера
после поднятия туннеля default gw = 192.168.100.29
адрес VPN клиента - 192.168.100.29
MSCHAP-V2, MPPE128, compression none
(по наблюдениям за WindowsXP)
VPN сервер на FreeBSD - mpd
На клиенте Master2.2 ppp-2.4.1 pptp-client-1.1.0
поддержка в ядре ppp, ip:gre, ip:tunneling
После старта pptp-command :
[root@home root]# pptp-command
1.) start
2.) stop
3.) setup
4.) quit
What task would you like to do?: 1
1.) multinet
Start a tunnel to which server?: 1
Route: add default gw 192.168.100.29 added
All routes added.
Tunnel multinet is active on ppp0. IP Address: 192.168.100.29
Вот что говорит tcpdump -i ppp0 :
23:19:44.312306 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057850
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057840 ppp: [|ip]
(DF) (DF)
23:19:44.312416 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057851
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057841 ppp: [|ip]
(DF) (DF)
23:19:44.312493 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057852
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057842 ppp: [|ip]
(DF) (DF)
23:19:44.312551 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057853
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057843 ppp: [|ip]
(DF) (DF)
23:19:44.312668 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057854
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057844 ppp: [|ip]
(DF) (DF)
23:19:44.312704 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057855
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057845 ppp: [|ip]
(DF) (DF)
23:19:44.312730 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057856
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057846 ppp: [|ip]
(DF) (DF)
23:19:44.312755 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057857
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057847 ppp: [|ip]
(DF) (DF)
23:19:44.312814 192.168.4.29 > 192.168.4.1: (frag 25457:33@1480)
23:19:44.312840 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057859
ppp: truncated-ip - 33 bytes missing! 192.168.4.29 > 192.168.4.1: gre [KSv1]
ID:d25e S:1057849 ppp: [|ip] (frag 25456:1480@0+) (frag 25457:1480@0+)
23:19:44.312926 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057860
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057850 ppp: [|ip]
(DF) (DF)
23:19:44.313043 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057861
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057851 ppp: [|ip]
(DF) (DF)
23:19:44.313118 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057862
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057852 ppp: [|ip]
(DF) (DF)
23:19:44.313251 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057863
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057853 ppp: [|ip]
(DF) (DF)
23:19:44.313299 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057864
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057854 ppp: [|ip]
(DF) (DF)
23:19:44.313334 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057865
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057855 ppp: [|ip]
(DF) (DF)
23:19:44.313362 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057866
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057856 ppp: [|ip]
(DF) (DF)
23:19:44.313424 192.168.4.29 > 192.168.4.1: (frag 25458:33@1480)
23:19:44.313450 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057869
ppp: truncated-ip - 33 bytes missing! 192.168.4.29 > 192.168.4.1: gre [KSv1]
ID:d25e S:1057859 ppp: [|ip] (frag 25457:1480@0+) (frag 25458:1480@0+)
23:19:44.313533 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057870
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057860 ppp: [|ip]
(DF) (DF)
23:19:44.313654 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057871
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057861 ppp: [|ip]
(DF) (DF)
23:19:44.313729 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057872
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057862 ppp: [|ip]
(DF) (DF)
23:19:44.313861 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057873
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057863 ppp: [|ip]
(DF) (DF)
23:19:44.313911 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057874
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057864 ppp: [|ip]
(DF) (DF)
23:19:44.313947 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057875
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057865 ppp: [|ip]
(DF) (DF)
23:19:44.313975 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057876
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057866 ppp: [|ip]
(DF) (DF)
23:19:44.314041 192.168.4.29 > 192.168.4.1: (frag 25459:33@1480)
23:19:44.314123 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057878
ppp: truncated-ip - 33 bytes missing! 192.168.4.29 > 192.168.4.1: gre [KSv1]
ID:d25e S:1057869 ppp: [|ip] (frag 25458:1480@0+) (frag 25459:1480@0+)
23:19:44.314164 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057879
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057870 ppp: [|ip]
(DF) (DF)
23:19:44.314273 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057880
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057871 ppp: [|ip]
(DF) (DF)
23:19:44.314341 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057881
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057872 ppp: [|ip]
(DF) (DF)
23:19:44.314474 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057882
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057873 ppp: [|ip]
(DF) (DF)
23:19:44.314524 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057883
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057874 ppp: [|ip]
(DF) (DF)
23:19:44.314557 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057884
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057875 ppp: [|ip]
(DF) (DF)
23:19:44.314693 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057885
ppp: 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057876 ppp: [|ip]
(DF) (DF)
23:19:44.314724 192.168.4.29 > 192.168.4.1: gre [KSv1] ID:d25e S:1057886
ppp: 192.168.4.29 > 192.168.4.1: (frag 25459:33@1480) (DF)
23:19:44.314747 192.168.4.29 > 192.168.4.1: (frag 25460:33@1480)
23:19:46.330255 192.168.4.29.32773 > 192.168.4.1.1723: FP 16:48(32) ack 1
win 6432: pptp CTRL_MSGTYPE=CCRQ CALL_ID(0) (DF)
tcpdump: pcap_loop: recvfrom: Network is down
Вот что говорит ifconfig :
[root@home root]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:00:AC:0D:47
inet addr:192.168.4.29 Bcast:192.168.4.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1767 errors:0 dropped:0 overruns:0 frame:0
TX packets:453 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:166021 (162.1 Kb) TX bytes:45120 (44.0 Kb)
Interrupt:11 Base address:0x6800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1080 (1.0 Kb) TX bytes:1080 (1.0 Kb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.100.29 P-t-P:192.168.4.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:36002 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:77 (77.0 b) TX bytes:26171622 (24.9 Mb)
[root@home root]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:00:AC:0D:47
inet addr:192.168.4.29 Bcast:192.168.4.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1768 errors:0 dropped:0 overruns:0 frame:0
TX packets:453 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:166081 (162.1 Kb) TX bytes:45120 (44.0 Kb)
Interrupt:11 Base address:0x6800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1080 (1.0 Kb) TX bytes:1080 (1.0 Kb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.100.29 P-t-P:192.168.4.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:88471 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:77 (77.0 b) TX bytes:64345056 (61.3 Mb)
[root@home root]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:00:AC:0D:47
inet addr:192.168.4.29 Bcast:192.168.4.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1806 errors:0 dropped:0 overruns:0 frame:0
TX packets:453 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:170843 (166.8 Kb) TX bytes:45120 (44.0 Kb)
Interrupt:11 Base address:0x6800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1080 (1.0 Kb) TX bytes:1080 (1.0 Kb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.100.29 P-t-P:192.168.4.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:1056336 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:77 (77.0 b) TX bytes:770074331 (734.4 Mb)
[root@home root]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:00:AC:0D:47
inet addr:192.168.4.29 Bcast:192.168.4.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1806 errors:0 dropped:0 overruns:0 frame:0
TX packets:453 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:170843 (166.8 Kb) TX bytes:45120 (44.0 Kb)
Interrupt:11 Base address:0x6800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1080 (1.0 Kb) TX bytes:1080 (1.0 Kb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.100.29 P-t-P:192.168.4.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:1057973 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:77 (77.0 b) TX bytes:771265765 (735.5 Mb)
[root@home root]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:00:AC:0D:47
inet addr:192.168.4.29 Bcast:192.168.4.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1806 errors:0 dropped:0 overruns:0 frame:0
TX packets:453 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:170843 (166.8 Kb) TX bytes:45120 (44.0 Kb)
Interrupt:11 Base address:0x6800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1080 (1.0 Kb) TX bytes:1080 (1.0 Kb)
Пропал интерфейсик :(
Вот что говорит messages :
Aug 6 23:17:43 home pptp[3331]:
log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:580]: Client connection
established.
Aug 6 23:17:44 home pptp[3331]:
log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:708]: Outgoing call established
(call ID 0, peer's call ID 53854).
Aug 6 23:17:44 home pppd[3334]: pppd 2.4.1 started by root, uid 0
Aug 6 23:17:44 home pppd[3334]: Using interface ppp0
Aug 6 23:17:44 home pppd[3334]: Connect: ppp0 <--> /dev/pts/1
Aug 6 23:17:44 home /etc/hotplug/net.agent: assuming ppp0 is already up
Aug 6 23:17:47 home pppd[3334]: Remote message:
S=9886345C5EF08303435FA8DB0C3A23C5FD2542BA
Aug 6 23:17:50 home pppd[3334]: MSCHAP-v2 peer authentication succeeded for
tav
Aug 6 23:17:50 home pppd[3334]: local IP address 192.168.100.29
Aug 6 23:17:50 home pppd[3334]: remote IP address 192.168.4.1
Aug 6 23:18:20 home pppd[3334]: CCP: timeout sending Config-Requests
Aug 6 23:18:46 home kernel: device ppp0 entered promiscuous mode
Aug 6 23:19:44 home pptp[3331]: log[pptp_conn_close:pptp_ctrl.c:307]:
Closing PPTP connection
Aug 6 23:19:44 home pptp[3331]: log[call_callback:pptp_callmgr.c:88]:
Closing connection
Aug 6 23:19:46 home pppd[3334]: Hangup (SIGHUP)
Aug 6 23:19:46 home pppd[3334]: Modem hangup
Aug 6 23:19:46 home pppd[3334]: Connection terminated.
Aug 6 23:19:46 home kernel: device ppp0 left promiscuous mode
Aug 6 23:19:46 home kernel: device ppp0 entered promiscuous mode
Aug 6 23:19:46 home pppd[3334]: Connect time 2.1 minutes.
Aug 6 23:19:46 home pppd[3334]: Sent 771265837 bytes, received 77 bytes.
Aug 6 23:19:46 home /etc/hotplug/net.agent: NET unregister event not
supported
Aug 6 23:19:46 home pppd[3334]: Exit.
Эффект появился после профилактики сервера, по словам провайдера.
Администратор их помочь мне не смог :(
Эффект ПРОПАДАЕТ при добавлении -host 192.168.4.1 dev eth0
Туннель стоит, но пинги не ходят, в том числе и от сервера ко мне.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-08-06 18:03 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-08-06 18:03 [Comm] linux&VPN Alexander V. Teplych
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git