<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: RE: Newbie ...help ..I have checked the archive also ..still conf used ...
From: Karthik Mohanasundaram <mkarthik1978,AT,yahoo,DOT,com>
Date: Fri, 16 Nov 2001 22:18:58 +0100
In-reply-to: <C106BE84A6B5D411883300508B55B83A885FB7@mail1.tmwsystems.com>

hi everyone,

Thanks to Paul .. my "device or resource busy" error
has gone now ..

Still then the interfaces are not setup .. i don't
understand the reason ...

Yesterday once with the same options file the
interfaces were configured properly .. but today no
success ..

I am attaching the log below ..that i am getting now
..

--snip--
Script started on Fri Nov 16 16:12:24 2001

[root@localhost /root]# /usr/local/sbin/ciped-cb -o
/etc/cipe/options
CIPE daemon vers 1.4.5 (c) Olaf Titz 1996-2000
device=cipcb0
debug=yes
ipaddr=192.168.1.1
ptpaddr=192.168.2.1
mtu=0
metric=0
cttl=0
me=202.120.1.1:23517
peer=202.120.1.10:23517
key=(secret)
nokey=no
socks=
tokxc=0
tokey=0
ipup=(none)
ipdown=(none)
arg=(none)
maxerr=8
tokxts=0
ping=0
toping=0
dynip=no
Using cipcb0 index 0
kxchg: recv: Device not configured
sending CT_DEBUG
Interface stats        0       0    0    0    0     0 
        0         0        0       0    0    0    0   
 0       0          0

KX stats: rreq=0, req=0, ind=0, indb=0, ack=0, ackb=0,
unknown=0
cipcb0: daemon exiting
[root@localhost /root]# exit
exit

Script done on Fri Nov 16 16:13:34 2001
--snip--

This is the output I captured with debug=3 in my
options file ...

I don't understand the line :

"Using cipcb0 index 0
kxchg: recv: Device not configured"

==> Is that something wrong ??

ALSO 

when i invoked the Deamon it says my mtu=0 and also
the ip-up and ip-down are (none)

==> is that an error ??

I am now attaching a script that calls the
/etc/rc.d/rc.cipe that set's up the interfaces ..

the output from that is :

--snip--
Script started on Fri Nov 16 16:13:07 2001
[root@localhost /root]#./test.sh 

Setting up IP spoofing protection...done.
 ..... 
Starting VPN interfaces........ 
Cipe module already loaded.
Removing existing cipe interface(s). 
Setting up cipe interface(s): options options: not
absolute
CIPE daemon vers 1.4.5 (c) Olaf Titz 1996-2000
device=cipcb0
debug=yes
ipaddr=192.168.1.1
ptpaddr=192.168.2.1
mtu=0
metric=0
cttl=0
me=202.120.1.1:23517
peer=202.120.1.10:23517
key=(secret)
nokey=no
socks=
tokxc=0
tokey=0
ipup=(none)
ipdown=(none)
arg=(none)
maxerr=8
tokxts=0
ping=0
toping=0
dynip=no
opendev: bind: Address already in use

[root@localhost /root]# exit
exit

Script done on Fri Nov 16 16:13:31 2001
--snip--

In the above I can see that when it setup's the
interface it complains :

"options: not absolute
" ==> ??

and then I keep changing the port numbers everytime I
invoke the ciped-cb then also it complains :

"opendev: bind: Address already in use" ==> ??

Thank you for u'r patience and suggestions

karthik.

--- "Bort, Paul" <pbort,AT,tmwsystems,DOT,com> wrote:
> My CIPE configuration is very similar, so maybe I
> can help: 
> 
> When I have to restart CIPE (usually because I'm
> breaking something else) I
> use the following commands: 
> 
> # Shutdown
> ip link set down dev cipcb0           # This turns off the
> interface
> rmmod cipcb                                   # This unloads the module
> 
> # Restart
> modprobe cipcb                                # This reloads the module
> /sbin/ciped-cb -o /etc/cipe/options   # Start CIPE
> tunnel
> 
> It automatically adds the right routing stuff. 
> 
> What you might be missing is the "network in the
> middle". There needs to be
> a set of IP addresses that are just for the VPN. 
> 
> For example, on one firewall, with eth1=192.168.6.1
> and eth0=1.2.3.4, CIPE
> config looks like this: 
> (Ext. addresses changed)
> 
> ptpaddr         192.168.7.200
> ipaddr          192.168.7.100
> me              1.2.3.4:23517
> peer            1.2.3.5:23517
> 
> On the other firewall, with eth1=192.168.5.1 and
> eth0=1.2.3.5, CIPE config
> looks like this: 
> 
> ptpaddr         192.168.7.100
> ipaddr          192.168.7.200
> me              1.2.3.5:23517
> peer            1.2.3.4:23517
> 
> Once you get the connections started, the 'route'
> command (or 'ip route')
> should show a route to the 'other' network on each
> side, like this: 
> 
> 1.2.3.4 dev eth0  scope link 
> 192.168.6.1 dev eth1  scope link 
> 192.168.7.200 dev cipcb0  proto kernel  scope link 
> src 192.168.7.100 
> 1.2.3.0/27 dev eth0  proto kernel  scope link  src
> 1.2.3.4
> 192.168.6.0/24 dev eth1  proto kernel  scope link 
> src 192.168.6.1 
> 192.168.5.0/24 via 192.168.7.200 dev cipcb0 
> 127.0.0.0/8 dev lo  scope link 
> default via 1.2.3.1 dev eth0 
> 
> Good Luck!
> 

__________________________________________________
Do You Yahoo!?
Find the one for you at Yahoo! Personals
http://personals.yahoo.com





<< | Thread Index | >> ]    [ << | Date Index | >> ]