<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: Setup/routing question with cipe
From: Nathan Neulinger <nneul,AT,umr,DOT,edu>
Date: Fri, 10 Aug 2001 16:45:20 +0200
In-reply-to: <F349BC4F5799D411ACE100D0B706B3BB76906F@umr-mail03.cc.umr.edu>

Peter van den Heuvel wrote:
> 
> Yo Nathan,
> 
> > First, I can't get it to work with pkcipe AT ALL. Nothing will ever go
> > over the link, most likely due to the screwy address it is choosing for
> > the peer on the server side. (The server's default outbound route
> > crosses a 10.0.0.x network, and it's picking 10.0.0.254 as the peer
> > address.) I tried all sorts of contortions with specifying options/etc,
> > and never had any luck getting it to link up properly. When I hand wired
> > everything in and ran ciped-cb by itself, it worked right away.
> Cool! Any usefull errors maybe?

No... it looks fine from the logs, but no traffic will go over the link. 

It does say that it got 'new peer 10.0.0.254', which is that private net
addr of the cipe server. I'm concerned that maybe link is up, but
because of goofy peer address, it won't route properly.

> > The second problem, in order to get the source-based routing to work, I
> > had to do this on the client router:
> Why actually are you turning to source based routing? You simply got two
> nets and a default gateway. If you cannot get it going with normal
> routing, you're missing something simple yet essential. Don't turn to
> something more exotic to work around a gap in your knowledge. If you
> have the simple routing table, put it on the list so we can look at it.
> Most usefull...

Ok.

The ISP I sysadmin for: 216.229.93.0/23
My block for home: 216.229.93.16/28
The cable modem ISP that I connect to: 216.229.78.0/24
DHCP current Cable modem IP: 216.229.78.131
DHCP current Cable modem GW: 216.229.79.1

omicron: (ciped server - located on ISP net, with multiple eth cards and
proxy arp blocks)
Destination     Gateway         Genmask         Flags   MSS Window  irtt
Iface
192.55.114.253  0.0.0.0         255.255.255.255 UH        0 0          0
eth0
10.0.1.1        0.0.0.0         255.255.255.255 UH        0 0          0
cipcb0
216.229.93.144  10.0.0.1        255.255.255.248 UG        0 0          0
eth1
216.229.93.152  10.0.0.3        255.255.255.248 UG        0 0          0
eth1
216.229.93.176  10.0.0.2        255.255.255.240 UG        0 0          0
eth1
216.229.93.160  10.0.0.4        255.255.255.240 UG        0 0          0
eth1
216.229.93.16   10.0.1.1        255.255.255.240 UG        0 0          0
cipcb0
207.160.128.128 192.55.114.254  255.255.255.128 UG        0 0          0
eth0
10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0
eth1
192.55.114.0    0.0.0.0         255.255.255.0   U         0 0          0
eth0
216.229.92.0    0.0.0.0         255.255.254.0   U         0 0          0
eth2
131.151.0.0     192.55.114.254  255.255.0.0     UG        0 0          0
eth0
127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0
lo
0.0.0.0         10.0.0.5        0.0.0.0         UG        0 0          0
eth1

Ok, the default route for omicron goes to 10.0.0.5, which is another
local router on our backbone
subnet (all of our non-routable addresses are on there) - 10.0.0.5 is
the link to the upstream ISP (which is 1-2 hops away from the cable
modem addr).

nneul-router: (ciped client)
Destination     Gateway         Genmask         Flags   MSS Window  irtt
Iface
10.0.2.1        0.0.0.0         255.255.255.255 UH       40 0          0
cipcb0
216.229.93.16   0.0.0.0         255.255.255.240 U        40 0          0
eth1
216.229.78.0    0.0.0.0         255.255.254.0   U        40 0          0
eth0
127.0.0.0       0.0.0.0         255.0.0.0       U        40 0          0
lo
0.0.0.0         216.229.79.1    0.0.0.0         UG       40 0          0
eth0

also have the ip rules:
        for i in 17 18 19 20 21 22 23 24 25 26 27 28 29; do
                ip rule add from 216.229.93.$i table 200 prio 200
        done
        ip route add default via 10.0.2.1 table 200
        ip route flush cache

cessna: (machine on my lan - standard setup, no changes to be made on
here)
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt
Iface
216.229.93.21   0.0.0.0         255.255.255.255 UH       40 0          0
eth0
216.229.93.16   0.0.0.0         255.255.255.240 U        40 0          0
eth0
127.0.0.0       0.0.0.0         255.0.0.0       U        40 0          0
lo
0.0.0.0         216.229.93.30   0.0.0.0         UG       40 0          0
eth0

Part of the deal is, I don't want to have to hand-wire in host-routes
for the default route on the gateway since the gateway ip may change
when dhcp lease renews (and the dhcp renew will also dork up those host
routes/etc.). I don't expect it to change, but the lease renew dorking
it up is still a problem. I'd prefer that one just function normally.

-----

So summary, two problems:

        The 10.0.0.254 stuff. Nothing I've done, including forcing pkcipe w/ a
code change to add a 'me=192.55.114.253' (or 'peer=192.55.114.253' at
the client side) to the end of the options when executing ciped-cb ever
seem to affect anything. I'm not sure this actually matters, I just know
that when I set up the link with pkcipe, not even a simple ping
10.0.2.1/10.0.1.1 would work, even though it looked like the link was
up.

I forced in peer, me, ipaddr, ptpaddr, key, maxerr, and it links up
instantly, but that's not very good either since the IP changes. (Can
me/peer just specify port?)

        The source based routing, which seemed to me to be the easiest way to
get traffic to-from LAN only to go over cipe, and everything else on
router to go over default. I'd actually be happier if stuff from the
216.229.93.30 nneul-router address would also go over cipe as well, but
everything else to/from nneul-router should go over cable modem gateway.

-- Nathan

> 
> My routing table:
> 10.5.254.1      0.0.0.0         255.255.255.255 UH    0      0        0
> cipcb3
> 10.3.254.1      0.0.0.0         255.255.255.255 UH    0      0        0
> cipcb0
> my.own.ip.addr  0.0.0.0         255.255.255.255 UH    0      0        0
> ppp0
> 10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0
> eth0
> 10.1.1.0        0.0.0.0         255.255.255.0   U     0      0        0
> eth1
> 172.16.0.0      0.0.0.0         255.255.248.0   U     0      0        0
> eth2
> 10.4.0.0        10.5.254.1      255.255.0.0     UG    0      0        0
> cipcb3
> 10.5.0.0        10.5.254.1      255.255.0.0     UG    0      0        0
> cipcb3
> 10.0.0.0        10.3.254.1      255.0.0.0       UG    0      0        0
> cipcb0
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0
> lo
> 0.0.0.0         my.own.ip.addr  0.0.0.0         UG    0      0        0
> ppp0
> 
> Yes, there are four NIC's in my server at home (is also office), there's
> two routes over cipcb3: the native 10.5 and the 10.4 that's again behind
> the 10.5, All other 10 ranges are behind the 10.3, 10.1 is local, the
> 10.0 is something from the ADSL gadget and is of no other use, ppp0 is
> the Internet and default route. Note the the routes are always displayed
> sorted by netmask (with a reason)!
> 
> CIAO

-- 

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul,AT,umr,DOT,edu
University of Missouri - Rolla         Phone: (573) 341-4841
CIS - Systems Programming                Fax: (573) 341-4216





<< | Thread Index | >> ]    [ << | Date Index | >> ]