ALT Linux sysadmins discussion
* [Sysadmins]  pptp over pptp
@ 2008-06-06  8:41 Ilis
    0 siblings, 1 reply; 3+ messages in thread
From: Ilis @ 2008-06-06  8:41 UTC (permalink / raw)
  To: ALT Linux sysadmin discuss

I'm trying to set up pptp over an existing pptp connection.

After a series of leading questions I was sent from desktop@ to sysadmins@.

There is a connection to the provider with authorization via VPN (eth0+ppp0).
I need to bring up one more VPN (pptp) for access to the corporate network.

[root@altus ~]# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:80:48:53:E0:27
          inet addr:10.0.0.253  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13785018 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7024790 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1205455111 (1.1 GiB)  TX bytes:3852340608 (3.5 GiB)
          Interrupt:201 Base address:0xe000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:17428 errors:0 dropped:0 overruns:0 frame:0
          TX packets:17428 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:876370 (855.8 KiB)  TX bytes:876370 (855.8 KiB)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:87.224.170.26  P-t-P:172.30.0.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:2190566 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3259729 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:174651239 (166.5 MiB)  TX bytes:3590369504 (3.3 GiB)


I made the settings by analogy with ppp0.


[root@altus ~]# cat /etc/net/ifaces/ppp1/*
ONBOOT=no
PPPTYPE=pptp
PPTP_SERVER=217.148.52.5
REQUIRES=ppp0

user ilis
nomppe
nodefaultroute
noreplacedefaultroute
nopersist


[root@altus ~]# ifup ppp1

[root@altus ~]# cat /var/log/messages | egrep '7236|7241|7242'
Jun  2 08:11:12 altus sshd[9542]: Failed password for UNKNOWN USER
from 218.234.21.151 port 57242 ssh2
Jun  2 20:18:40 altus pppd[7236]: pppd 2.4.4 started by root, uid 0
Jun  2 20:18:40 altus pppd[7236]: Using interface ppp1
Jun  2 20:18:40 altus pppd[7236]: Connect: ppp1 <--> /dev/pts/4
Jun  2 20:18:40 altus pptp[7241]: anon log[ctrlp_rep:pptp_ctrl.c:251]:
Sent control packet type is 1 'Start-Control-Connection-Request'
Jun  2 20:18:40 altus pptp[7241]: anon
log[ctrlp_disp:pptp_ctrl.c:738]: Received Start Control Connection
Reply
Jun  2 20:18:40 altus pptp[7241]: anon
log[ctrlp_disp:pptp_ctrl.c:772]: Client connection established.
Jun  2 20:18:41 altus pptp[7241]: anon log[ctrlp_rep:pptp_ctrl.c:251]:
Sent control packet type is 7 'Outgoing-Call-Request'
Jun  2 20:18:41 altus pptp[7241]: anon
log[ctrlp_disp:pptp_ctrl.c:857]: Received Outgoing Call Reply.
Jun  2 20:18:41 altus pptp[7241]: anon
log[ctrlp_disp:pptp_ctrl.c:896]: Outgoing call established (call ID 0,
peer's call ID 2597).
Jun  2 20:18:41 altus pppd[7236]: CHAP authentication succeeded
Jun  2 20:18:41 altus pppd[7236]: CHAP authentication succeeded
Jun  2 20:18:42 altus pppd[7236]: local  IP address 192.168.254.218
Jun  2 20:18:42 altus pppd[7236]: remote IP address 217.148.52.5
Jun  2 20:18:54 altus pppd[7242]: Script /etc/ppp/ip-up finished (pid
7243), status = 0x0
Jun  2 20:20:38 altus pptp[7241]: anon log[logecho:pptp_ctrl.c:676]:
Echo Request received.
Jun  2 20:20:38 altus pptp[7241]: anon log[ctrlp_rep:pptp_ctrl.c:251]:
Sent control packet type is 6 'Echo-Reply'
Jun  2 20:21:36 altus pppd[7242]: LCP terminated by peer (Peer Terminated)
Jun  2 20:21:36 altus pppd[7242]: Connect time 2.9 minutes.
Jun  2 20:21:36 altus pppd[7242]: Sent 1748727312 bytes, received 0 bytes.
Jun  2 20:21:37 altus pppd[7242]: Script /etc/ppp/ip-down finished
(pid 8819), status = 0x1
Jun  2 20:21:38 altus pptp[7241]: anon
log[pptp_handle_timer:pptp_ctrl.c:1049]: closing control connection
due to missing echo reply
Jun  2 20:21:38 altus pptp[7241]: anon log[ctrlp_rep:pptp_ctrl.c:251]:
Sent control packet type is 12 'Call-Clear-Request'
Jun  2 20:21:38 altus pptp[7241]: anon
log[pptp_conn_close:pptp_ctrl.c:430]: Closing PPTP connection
Jun  2 20:21:38 altus pptp[7241]: anon log[ctrlp_rep:pptp_ctrl.c:251]:
Sent control packet type is 3 'Stop-Control-Connection-Request'
Jun  2 20:21:38 altus pptp[7241]: anon
log[call_callback:pptp_callmgr.c:78]: Closing connection (call state)
Jun  2 20:21:38 altus pppd[7242]: Modem hangup
Jun  2 20:21:38 altus pppd[7242]: Connection terminated.
Jun  2 20:21:43 altus pppd[7242]: Exit.

Right after authorization, a pile of traffic flies through the interface
unanswered, at the full width of the channel (1.5G in three minutes), and
the interface disconnects...

ppp1      Link encap:Point-to-Point Protocol
         inet addr:192.168.254.218  P-t-P:217.148.52.5  Mask:255.255.255.255
         UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
         RX packets:8 errors:0 dropped:0 overruns:0 frame:0
         TX packets:4433815 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:3
         RX bytes:73 (73.0 b)  TX bytes:1623110547 (1.5 GiB)

[root@altus ~]# tcpdump -ni ppp1

22:14:35.071130 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67779, length 108: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67765, length 72: IP [|ip]
22:14:35.071714 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67780, length 144: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67766, length 108: IP [|ip]
22:14:35.072296 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67781, length 180: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67767, length 144: IP [|ip]
22:14:35.072884 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67782, length 396: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67770, length 360: IP [|ip]
22:14:35.073689 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67783, length 1480: IP truncated-ip - 36 byte! 87.224.170.26 >
217.148.52.5: GREv1, call 2599, seq 67771, length 1480: IP [|ip]
22:14:35.073731 IP 87.224.170.26 > 217.148.52.5: ip-proto-47
22:14:35.074479 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67784, length 72: IP 87.224.170.26 > 217.148.proto-47
22:14:35.075084 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67785, length 108: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67772, length 72: IP [|ip]
22:14:35.075669 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67786, length 144: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67773, length 108: IP [|ip]
22:14:35.076251 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67787, length 180: IP 87.224.170.26 > 217.148Ev1, call 2599, seq
67774, length 144: IP [|ip]
22:14:35.076866 IP 87.224.170.26 > 217.148.52.5: GREv1, call 2599, seq
67788, length 1480: IP truncated-ip - 36 byte! 87.224.170.26 >
217.148.52.5: GREv1, call 2599, seq 67777, length 1480: IP [|ip]
22:14:35.076891 IP 87.224.170.26 > 217.148.52.5: ip-proto-47

13509 packets captured
19277 packets received by filter
5591 packets dropped by kernel


> Show the routing table BEFORE and DURING as well.

Before:
[root@altus ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.30.0.1      0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0

During:
[root@altus ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
217.148.52.5    0.0.0.0         255.255.255.255 UH    0      0        0 ppp1
172.30.0.1      0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0

What can be done?

-- 
Кругликов Илья


* Re: [Sysadmins] pptp over pptp
  @ 2008-06-07  4:56   ` Ilis
  2008-06-09  9:15     ` Ilis
  0 siblings, 1 reply; 3+ messages in thread
From: Ilis @ 2008-06-07  4:56 UTC (permalink / raw)
  To: ALT Linux sysadmin discuss

06.06.08, Dmitry Afanasov <afanasovdmitry@gmail.com> wrote:
> 06.06.08, Ilis <ilis.krou@gmail.com> wrote:
> > I'm trying to set up pptp over an existing pptp connection.
> >
> >
> I suspect MTU.
> For pptp connections through any vpn I always set this in the ppp options:
>
> mtu 1436
> mru 1436
>

Added it, didn't help... Everything is exactly the same. A pile of outgoing
traffic and the connection closes...

Jun  7 10:50:02 altus pppd[32057]: LCP terminated by peer (Peer Terminated)
Jun  7 10:50:02 altus pppd[32057]: Connect time 2.9 minutes.
Jun  7 10:50:02 altus pppd[32057]: Sent 1733308616 bytes, received 0 bytes.

-- 
Кругликов Илья


* Re: [Sysadmins] pptp over pptp
  2008-06-07  4:56   ` Ilis
@ 2008-06-09  9:15     ` Ilis
  0 siblings, 0 replies; 3+ messages in thread
From: Ilis @ 2008-06-09  9:15 UTC (permalink / raw)
  To: ALT Linux sysadmin discuss

07.06.08, Ilis <ilis.krou@gmail.com> wrote:
> 06.06.08, Dmitry Afanasov <afanasovdmitry@gmail.com> wrote:
> > 06.06.08, Ilis <ilis.krou@gmail.com> wrote:
> > > I'm trying to set up pptp over an existing pptp connection.
> > >

Part of the problem was solved as follows:
On 7 June 2008 at 21:52, Vitaly Kuznetsov <vitty@altlinux.ru> wrote:
>
> after bringing up the first pptp, type in the console as root:
> route add -host 217.148.52.5 ppp0
> and after that start bringing up the second one. Write the result here ;)
>

ppp1 came up and stays alive, and doesn't send traffic in huge quantities.
But a problem with routes has appeared:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
217.148.52.5    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
217.148.52.5    0.0.0.0         255.255.255.255 UH    0      0        0 ppp1
172.30.0.1      0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0

The first of them was added manually, the second appears at the moment of
ifup ppp1. How can I make it not appear? And ideally, so that ifup creates
the correct route, without creating it manually...

-- 
Кругликов Илья
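
Added example, not part of the original messages: a small model of the two routing tables posted in this thread, showing that before the host route via ppp0 existed, the GRE carrier packets for ppp1 were routed back into ppp1 itself. The function names are hypothetical, and resolving equal-prefix ties to the first listed row is an assumption of the model, chosen to match the behaviour reported above.

```python
import ipaddress

# `route -n` rows copied from the thread: the table while ppp1 was flooding ...
ROUTES_FLOODING = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
217.148.52.5    0.0.0.0         255.255.255.255 UH    0      0        0 ppp1
172.30.0.1      0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0
"""
# ... and the table after `route add -host 217.148.52.5 ppp0` preceded `ifup ppp1`.
ROUTES_PINNED = """\
217.148.52.5    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
217.148.52.5    0.0.0.0         255.255.255.255 UH    0      0        0 ppp1
172.30.0.1      0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0
"""

def parse_routes(text):
    """Parse `route -n` rows into (network, metric, iface); skip header rows."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue
        try:
            net = ipaddress.ip_network(f"{fields[0]}/{fields[2]}")
            routes.append((net, int(fields[4]), fields[7]))
        except ValueError:
            continue  # column-header row, not a route
    return routes

def egress_iface(routes, dst):
    """Longest prefix, then lowest metric. Assumption: ties go to the first row."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in r[0]]
    if not hits:
        return None
    return max(hits, key=lambda r: (r[0].prefixlen, -r[1]))[2]

def self_routed_tunnels(routes, tunnels):
    """tunnels maps iface -> outer server address. Return the tunnels whose own
    encapsulated (GRE) packets would be routed back into the same iface."""
    return [ifc for ifc, server in tunnels.items()
            if egress_iface(routes, server) == ifc]

if __name__ == "__main__":
    for name, table in (("flooding", ROUTES_FLOODING), ("pinned", ROUTES_PINNED)):
        loops = self_routed_tunnels(parse_routes(table), {"ppp1": "217.148.52.5"})
        print(name, "->", loops or "no loop")
```

The same check applies to any tunnel whose PPP peer address equals the tunnel server's outer address, which is the case for ppp1 in the ifconfig output above.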
