From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Tue, 4 Nov 2003 09:47:48 +0300 From: Alexander Vasiliev To: community@altlinux.ru Subject: Re: [Comm] pptp vs routing Message-ID: <20031104064748.GA8260@dennis.td.tascom.ru> Mail-Followup-To: community@altlinux.ru References: <3FA66310.4020808@metal.tomsk.ru> <3FA6654D.6080907@progroup.ru> <3FA66A21.3070109@metal.tomsk.ru> <20031103202004.GA2360@pasha.alkorn.net> <3FA7065C.3010605@metal.tomsk.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <3FA7065C.3010605@metal.tomsk.ru> X-BeenThere: community@altlinux.ru X-Mailman-Version: 2.1.3 Precedence: list Reply-To: community@altlinux.ru List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Nov 2003 06:47:49 -0000 Archived-At: List-Archive: List-Post: On Tue, Nov 04, 2003 at 07:52:28AM +0600, Seirge P. Kondratyev wrote: > >>Kernel IP routing table > >>Destination Gateway Genmask Flags Metric Ref Use > >>Iface > >>tun-gw.tomline. * 255.255.255.255 UH 0 0 0 > >>ppp0 > >>^^^^^^^^^^^^^^^ ^^^^ > >>Как видно, default остается тем же, а вот все портящая запись появляется > >>первой... это роутинг ма машину, предоставляющую vpn... > >>Помогите, или хотя бы объясните зачем она и почему без неё все работает... > >> > >> > > > Мда... Но если эту запись удалить, работоспособность восстанавливается, > ведь как я понимаю, из-за этой записи он обращается к tun-gw.tomline.ru > через ppp0, который работает через tun-gw.tomline.ru(это сам сервер vpn), > который обращается к tun-gw.tomline.ru через ppp0, через который... Вот он > этот ip loop. а в > file:///usr/share/doc/pptp-client-1.1.0/howto-diagnosis.html#ip_loop > предлагают просто разобраться, где он появляется, что я и не понимаю... > > seirge Похоже в Вашем случае нужно см п. 3 (ниже...) 28. LCP EchoReq without LCP EchoRep Symptom: connection is established but no data transfer happens, ifconfig shows large amounts of data transmitted on PPTP tunnel, tcpdump shows many transmitted packets, the connection is closed after one minute, and logs contain this sequence: rcvd [LCP EchoReq id=0x1 sent [LCP EchoRep id=0x1 sent [LCP EchoReq id=0x1 rcvd [LCP EchoReq id=0x2 sent [LCP EchoRep id=0x2 sent [LCP EchoReq id=0x2 which indicates that echo requests from the server are being received by the client, which issues an echo reply, but that echo requests from the client are not generating echo replies from the server. Diagnosis: the route to the PPTP Server has changed to include the tunnel itself, and packets are being looped. Packets sent through the VPN are being encapsulated in PPP over GRE, and then sent through the same interface again. See our diagram showing this situation. Solution: Examine the routing table using netstat -rn before and after the tunnel becomes active. Determine why the route to the PPTP Server is via the tunnel interface. The reasons may be: 1. the defaultroute option was used, 2. distribution specific or local interface-up scripts changed the route, or 3. the PPTP Server may have given its own IP address for the new interface. If defaultroute is in the options given to pppd remove it, and use other means to provide routes through the tunnel interface. If scripts are adding or changing routes, fix them. If the PPTP Server is providing an incorrect IP address, force a more appropriate address by adding an option such as :10.0.1.1, where 10.0.1.1 is the address to be adopted. It would be better to fix the PPTP Server. -- Александр Васильев ЗАО "Таском" vav@tascom.ru