Hi, A friend of mine has encountered some problem in his setup which consists a pair of GRE peer, one running on OpenBSD and another running FreeBSD 7.2-RELEASE; with 7.2-STABLE, there is no improvement over the situation. The problem we have observed seems to be related to GRE packet not being routed as observed, here is some details: - The FreeBSD box has one network interface connected to two (2) upstream network, with different IP and does not belong to the same subnet, say, one is 1.2.3.4/24 and another is 5.6.7.8/24 - The default gateway can be reached through the first IP address bound to the network interface; - An explicit route has been configured to the OpenBSD host, the gateway being used can be reached directly via the secondary (aliased 5.6.7.8/24) IP. - Both the default gateway and the explicit host route can reach the OpenBSD route. The problem they had is, while traceroute to the OpenBSD host can give the desired result, however, packets that is supposed to be transferred through the GRE tunnel, while they will be encapsulated into a GRE packet, the GRE packet itself won't go to the explicit host route, but end up going to the default gateway. The friend has configured his switch to "bounce" the packet back to the server by configuring a host route on L3 switch, and it seems that the FreeBSD box is able to route the GRE packet to its desired gateway this time. Any suggestions? Cheers, -- Xin LI <delphij@delphij.net> http://www.delphij.net
Xin LI wrote:> Hi, > > A friend of mine has encountered some problem in his setup which > consists a pair of GRE peer, one running on OpenBSD and another > running FreeBSD 7.2-RELEASE; with 7.2-STABLE, there is no improvement > over the situation. The problem we have observed seems to be related > to GRE packet not being routed as observed, here is some details: > > - The FreeBSD box has one network interface connected to two (2) > upstream network, with different IP and does not belong to the same > subnet, say, one is 1.2.3.4/24 and another is 5.6.7.8/24 > - The default gateway can be reached through the first IP address > bound to the network interface; > - An explicit route has been configured to the OpenBSD host, the > gateway being used can be reached directly via the secondary (aliased > 5.6.7.8/24) IP. > - Both the default gateway and the explicit host route can reach the > OpenBSD route. > > The problem they had is, while traceroute to the OpenBSD host can give > the desired result, however, packets that is supposed to be > transferred through the GRE tunnel, while they will be encapsulated > into a GRE packet, the GRE packet itself won't go to the explicit host > route, but end up going to the default gateway. > > The friend has configured his switch to "bounce" the packet back to > the server by configuring a host route on L3 switch, and it seems that > the FreeBSD box is able to route the GRE packet to its desired gateway > this time. > > Any suggestions?there is a hack in the GRE code "that you can turn off" where the GRE envelope is looking up the address of the peer *WITH THE LAST BIT SWITCHED* try adding a route to the address of the openBSD host with /31 (not 32) I forget how to turn it off but th man page says. there IS a good reason for it if you want packets for the OpenBSD host itself to go through the tunnel.. Then you need to not use that address itself or you get a routing loop.> > Cheers,