RE: bridge + cipe|
"Frater, Greg" <gjfrater,AT,bechtel,DOT,com>|
Thu, 9 Aug 2001 00:30:03 +0200|
I got the bridge + cipe config to work sort of. As I recall I was using
kernel 2.4.6 and cipe 1.5.2 with bridging code brctl 0.9.3. I set up the
cipe tunnel on a test network but with bridging enabled as soon as the cipe
tunnel saw traffic from our LAN I would get errors like this:
Jul 26 14:32:23 WTPWireless4 kernel: cipdb0: cipe_xmit packet length problem
Jul 26 14:32:23 WTPWireless4 kernel: cipdb0: cipe_xmit reentrance
scrolling across my console.
All I could find on the mailing list regarding these errors was someone else
having the same problem with no solutions to it. I had to give up on cipe,
I am now using vtun (http://vtun.sourceforge.net). It is up and running.
From: ewheeler,AT,kaico,DOT,com [mailto:ewheeler,AT,kaico,DOT,com
Sent: Sunday, July 15, 2001 7:34 PM
To: Frater, Greg
Subject: RE: bridge + cipe
I'm not sure about your ciped-cb connection problems.. I use pkcipe to
create my connections and then only use the ipaddr and pppaddr options in
the public key file.
On Fri, 13 Jul 2001, Frater, Greg wrote:
> I understand your scenario, I will try this.
> However, I discovered that my CIPE config was inaccurate. For some reason
> cannot get the ciped-db daemon to run now. When I did get it to start my
> options file was not right. I was pointing my 'ipaddr' and 'me' addresses
> to the same address. I'm realizing that I don't have as good of a grasp
> this as I need.
> When I specify the 'me' address in the options file is that what takes
> traffic from the cipe interface (cipdb0) and puts it on the "WAN"
> (eth1)? I have been having trouble understanding how data gets from
> to whatever physical (eth1) interface I am wanting to use for the cipe
> This is the only place I can see that tells the computer what to do with
> cipdb0 traffic.
> Now that I have made changes to my options and ip-up files the ciped-db
> daemon won't start. I get this message in /var/log/messages:
> ...ciped-db: opendev: bind
> I don't know what I did to create this error and putting everything back
> what I thought it was before doesn't eliminate it. But I have been
> at this stuff for a week and a half straight so I could have made a change
> along the way that broke it and just don't remember. Does anyone
> this message? Any thoughts?
> Greg -- realize that I haven't done this exact scenario before, nor have I
> actually used linux briding. But if bridging works the way it's supposed
> to this should work.
> First, don't add any routes to the route table. As I understand you
> aren't using the internet and are simply using a wireless to ethernet
> bridge on both ends which then need to be plugged into the linux-box
> bridge. Assuming that is correct, do this:
> Site 1:
> eth0: lan (172.19.0.1/20)
> eth1: wireless (192.168.1.1/24)
> Site 2:
> eth0: lan (172.19.0.2/20)
> eth1: wireless (192.168.1.2/24)
> Now cipe-link via the 192.168.1.1/24 and 192.168.1.2/24 interfaces. Then
> bridge eth0+cipcb0 and eth0+cipcb0 at site1 and site2.
> What I originally wrote you would have worked but it may have looked
> ambiguous if you are infamiliar with 20-bit network addressing. Here I
> have put you on the 192.168.1.0/24 network to show easily that they are on
> separate networks. No additional routing should be necessicary so don't
> execute any route commands after setting the IPs on the respective
> interfaces. Setup the cipe link as you would normal. Make sure you can
> ping 192.168.1.1 from 192.168.1.2 before you connect CIPE, and
> that 172.19.0.1 can ping 172.19.0.2 after the cipe link is up. I also
> recomend at this point you clear ipchains/iptables to ensure that there
> aren't any wierd filter rules which could mess things up:
> ipchains -F
> iptables -F
> iptables -t nat -F
> iptables -t mangle -F
> Of course if you're using ipchains you wouldn't be using iptables and
> Once the eth0+cipcb0 and eth0+cipcb0 bridging on both systems is setup,
> everything should work! (in theory)