<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: RE: bridge + cipe
From: "Frater, Greg" <gjfrater,AT,bechtel,DOT,com>
Date: Thu, 9 Aug 2001 00:30:03 +0200

I got the bridge + cipe config to work sort of.  As I recall I was using
kernel 2.4.6 and cipe 1.5.2 with bridging code brctl 0.9.3.  I set up the
cipe tunnel on a test network but with bridging enabled as soon as the cipe
tunnel saw traffic from our LAN I would get errors like this:

Jul 26 14:32:23 WTPWireless4 kernel: cipdb0: cipe_xmit packet length problem
60/50
Jul 26 14:32:23 WTPWireless4 kernel: cipdb0: cipe_xmit reentrance

scrolling across my console.

All I could find on the mailing list regarding these errors was someone else
having the same problem with no solutions to it.  I had to give up on cipe,
I am now using vtun (http://vtun.sourceforge.net).  It is up and running.

-----Original Message-----
From: ewheeler,AT,kaico,DOT,com [mailto:ewheeler,AT,kaico,DOT,com
Sent: Sunday, July 15, 2001 7:34 PM
To: Frater, Greg
Cc: 'cipe-l,AT,inka,DOT,de'
Subject: RE: bridge + cipe

Greg --

  I'm not sure about your ciped-cb connection problems..  I use pkcipe to
create my connections and then only use the ipaddr and pppaddr options in
the public key file. 

--Eric

On Fri, 13 Jul 2001, Frater, Greg wrote:

> Eric, 
> 
> I understand your scenario, I will try this.  
> 
> However, I discovered that my CIPE config was inaccurate.  For some reason
I
> cannot get the ciped-db daemon to run now.  When I did get it to start my
> options file was not right.  I was pointing my 'ipaddr' and 'me' addresses
> to the same address.  I'm realizing that I don't have as good of a grasp
on
> this as I need.
>  
> Question:
> 
> When I specify the 'me' address in the options file is that what takes
> traffic from the cipe interface (cipdb0) and puts it on the "WAN"
interface
> (eth1)?  I have been having trouble understanding how data gets from
cipdb0
> to whatever physical (eth1) interface I am wanting to use for the cipe
link.
> This is the only place I can see that tells the computer what to do with
> cipdb0 traffic.
> 
> Problem:
> 
> Now that I have made changes to my options and ip-up files the ciped-db
> daemon won't start.  I get this message in /var/log/messages:
> 
> ...ciped-db[1423]: opendev: bind
> 
> I don't know what I did to create this error and putting everything back
to
> what I thought it was before doesn't eliminate it.  But I have been
staring
> at this stuff for a week and a half straight so I could have made a change
> along the way that broke it and just don't remember.  Does anyone
understand
> this message?  Any thoughts?
> 
> TIA     
> 
> 
> Greg -- realize that I haven't done this exact scenario before, nor have I
> actually used linux briding.  But if bridging works the way it's supposed
> to this should work.
> 
> First, don't add any routes to the route table.  As I understand you
> aren't using the internet and are simply using a wireless to ethernet
> bridge on both ends which then need to be plugged into the linux-box
> bridge.  Assuming that is correct, do this:
>   
> Site 1:
>   eth0: lan (172.19.0.1/20)
>   eth1: wireless (192.168.1.1/24)
>  
> Site 2:
>   eth0: lan (172.19.0.2/20)
>   eth1: wireless (192.168.1.2/24)
>  
> Now cipe-link via the 192.168.1.1/24 and 192.168.1.2/24 interfaces.  Then
> bridge eth0+cipcb0 and eth0+cipcb0 at site1 and site2.
> 
> What I originally wrote you would have worked but it may have looked
> ambiguous if you are infamiliar with 20-bit network addressing. Here I
> have put you on the 192.168.1.0/24 network to show easily that they are on
> separate networks.  No additional routing should be necessicary so don't
> execute any route commands after setting the IPs on the respective
> interfaces.  Setup the cipe link as you would normal.  Make sure you can
> ping 192.168.1.1 from 192.168.1.2 before you connect CIPE, and
> that 172.19.0.1 can ping 172.19.0.2 after the cipe link is up.  I also
> recomend at this point you clear ipchains/iptables to ensure that there
> aren't any wierd filter rules which could mess things up:
> 
> ipchains -F
> iptables -F
> iptables -t nat -F
> iptables -t mangle -F
> 
> Of course if you're using ipchains you wouldn't be using iptables and
> vice-versal.  
> 
> Once the eth0+cipcb0 and eth0+cipcb0 bridging on both systems is setup,
> everything should work! (in theory)
> 
> --Eric
> 





<< | Thread Index | >> ]    [ << | Date Index | >> ]