LINUX.ORG.RU
ФорумAdmin

pptp + FreeBSD через Linux к Windows в инете


0

0 

Приветствую всех !

Помогите настроить pptp.

На тачке в локальной сети с FreeBSD 6.0 настраиваю pptpclient для 
подключения к MS VPN серверу в инете, через NAT настроеный на Gentoo 
Linux. Имею один внешний айпишник. Чтоб неигратся с пробрасованием 
портов, я искуственно вывел тачку с Фрей в инет. Для этого на Линуксовом
 роутере выполняю:

ifconfig eth0:2 212.82.XXX.XXX
iptables -A INPUT -p gre -j ACCEPT
iptables -t nat -A PREROUTING -d 212.82.XXX.XXX -j DNAT --to-destination 192.168.0.251
iptables -t nat -A POSTROUTING -s 192.168.0.251 -d ! 192.168.0.0/24 -j SNAT --to-source 212.82.XXX.XXX

212.82.XXX.XXX - свободный внешний айпишник.
192.168.0.251 - такчка с Фрей.

Настраиваю pptpclient на Фре:
root@freebsd# cat /etc/ppp/ppp.conf
default:
set log Phase Chat LCP IPCP CCP tun command
set timeout 0
set authname <нескажу>
set authkey <нескажу>
add 192.1.0.0/16 HISADDR    #сетка там 192.1.0.0/16
enable MPPE
disable ipv6cp
accept MPPE

Звоню:
root@freebsd# pptp 62.64.XXX.XXX default

Появляется интерфейс tun0:
root@freebsd# ifconfig
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=9<RXCSUM,VLAN_MTU>
        inet6 fe80::201:2ff:fe02:e275%xl0 prefixlen 64 scopeid 0x1
        inet 192.168.0.251 netmask 0xffffff00 broadcast 192.168.0.255
        ether 00:01:02:02:e2:75
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
lo0: flags=8008<LOOPBACK,MULTICAST> mtu 16384
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1498
        inet 192.1.1.203 --> 192.1.1.199 netmask 0xffffffff
        Opened by PID 6863

Как видно тунель поднемается нормально, но при попытке пингануть шлюз, пакеты неприходят:
root@freebsd# ping 192.1.1.199
PING 192.1.1.199 (192.1.1.199): 56 data bytes
^C
--- 192.1.1.199 ping statistics ---
5769 packets transmitted, 0 packets received, 100% packet loss

При пинге 192.1.1.199 в /var/log/ppp.log появляется:
Jan 10 22:02:12 freebsd ppp[6863]: tun0: LCP: deflink: -- Protocol 0x5a6f (unrecognised protocol) was rejected!
Jan 10 22:02:14 freebsd ppp[6863]: tun0: LCP: deflink: RecvProtocolRej(67) state = Opened
Jan 10 22:02:14 freebsd ppp[6863]: tun0: LCP: deflink: -- Protocol 0x00bf (unrecognised protocol) was rejected!
Jan 10 22:02:15 freebsd ppp[6863]: tun0: LCP: deflink: RecvProtocolRej(68) state = Opened
Jan 10 22:02:15 freebsd ppp[6863]: tun0: LCP: deflink: -- Protocol 0xaa8b (unrecognised protocol) was rejected!
Jan 10 22:02:16 freebsd ppp[6863]: tun0: LCP: deflink: RecvProtocolRej(69) state = Opened
Jan 10 22:02:16 freebsd ppp[6863]: tun0: LCP: deflink: -- Protocol 0x001b (reserved (transparency inefficient)) was rejected!
Jan 10 22:02:17 freebsd ppp[6863]: tun0: LCP: deflink: RecvProtocolRej(70) state = Opened
Jan 10 22:02:17 freebsd ppp[6863]: tun0: LCP: deflink: -- Protocol 0x9a6f (unrecognised protocol) was rejected!
Jan 10 22:02:18 freebsd ppp[6863]: tun0: LCP: deflink: RecvProtocolRej(71) state = Opened
Jan 10 22:02:18 freebsd ppp[6863]: tun0: LCP: deflink: -- Protocol 0xb035 (unrecognised protocol) was rejected!

Если посмотреть трафик, то видим:
root@freebsd# tcpdump -i tun0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type NULL (BSD loopback), capture size 96 bytes
22:05:13.474605 IP 192.1.1.203 > 192.1.1.199: ICMP echo request, id 58138, seq 11, length 64
22:05:14.475442 IP 192.1.1.203 > 192.1.1.199: ICMP echo request, id 58138, seq 12, length 64
22:05:15.476287 IP 192.1.1.203 > 192.1.1.199: ICMP echo request, id 58138, seq 13, length 64

Т.е. по тунелю ICMP пакеты уходят, но ответ не возвращается.
Смотрим трафик на сетевой карте:

root@freebsd# tcpdump -i xl0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on xl0, link-type EN10MB (Ethernet), capture size 96 bytes
22:07:08.572345 IP 192.168.0.251 > 62.64.XXX.XXX: GREv1, call 27986, seq 342, length 101: compressed PPP data
22:07:08.620437 IP 62.64.XXX.XXX > 192.168.0.251: GREv1, call 0, seq 298, ack 342, length 111: LCP, Prot-Reject (0x08), id 211, length 93
22:07:09.120993 IP 192.168.0.251 > 62.64.XXX.XXX: GREv1, call 27986, ack 298, no-payload, length 12
22:07:09.573142 IP 192.168.0.251 > 62.64.XXX.XXX: GREv1, call 27986, seq 343, length 101: compressed PPP data
22:07:09.621502 IP 62.64.XXX.XXX > 192.168.0.251: GREv1, call 0, seq 299, ack 343, length 111: LCP, Prot-Reject (0x08), id 212, length 93
22:07:10.121840 IP 192.168.0.251 > 62.64.XXX.XXX: GREv1, call 27986, ack 299, no-payload, length 12
22:07:10.573998 IP 192.168.0.251 > 62.64.XXX.XXX: GREv1, call 27986, seq 344, length 101: compressed PPP data
22:07:10.622327 IP 62.64.XXX.XXX > 192.168.0.251: GREv1, call 0, seq 300, ack 344, length 110: LCP, Prot-Reject (0x08), id 213, length 92
22:07:11.122718 IP 192.168.0.251 > 62.64.XXX.XXX: GREv1, call 27986, ack 300, no-payload, length 12

62.64.XXX.XXX - адрес VPN сервера.
Видно что GRE пакеты нормально доходят через роутер к тачке. Но почему от 192.1.1.199 нету ответа ?

Кстати подключение не рвется, так и висит.
★★★★★
Динамическое распределение пропускной способности
Какой биллинг лучше (FreeNiBS vs Cake)? 

Кидаю полный лог процеса подключения к серверу.
Вернее полный кинуть немогу из за ограничение на размер сообщения.

Часть 1:

root@freebsd# cat ppp.log
Jan 10 22:16:25 freebsd ppp[6911]: Phase: Using interface: tun0
Jan 10 22:16:25 freebsd ppp[6911]: Phase: deflink: Created in closed state
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: set timeout 0
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: set authname <нескажу>
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: set authkey ********
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: add 192.1.0.0/16 HISADDR
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: accept MSChapv2
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: enable MPPE
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: disable ipv6cp
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: accept MPPE
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: set log Phase Chat LCP IPCP CCP tun command
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: set timeout 0
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: set authname <нескажу>
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: set authkey ********
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: add 192.1.0.0/16 HISADDR
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: accept MSChapv2
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: enable MPPE
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: disable ipv6cp
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Command: default: accept MPPE
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Phase: PPP Started (direct mode).
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Phase: bundle: Establish
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Phase: deflink: closed -> opening
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Phase: deflink: Connected!
Jan 10 22:16:25 freebsd ppp[6911]: tun0: Phase: deflink: opening -> carrier
Jan 10 22:16:26 freebsd ppp[6911]: tun0: Phase: deflink: carrier -> lcp
Jan 10 22:16:26 freebsd ppp[6911]: tun0: LCP: FSM: Using "deflink" as a transport
Jan 10 22:16:26 freebsd ppp[6911]: tun0: LCP: deflink: State change Initial --> Closed
Jan 10 22:16:26 freebsd ppp[6911]: tun0: LCP: deflink: State change Closed --> Stopped
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: RecvConfigReq(57) state = Stopped
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  ACFCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  PROTOCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MRU[4] 1500
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MAGICNUM[6] 0x6a2037ec
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  AUTHPROTO[5] 0xc223 (CHAP 0x81)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MRRU[4] 1600
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  SHORTSEQ[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  ENDDISC[9] MAC 00:0f:20:79:19:7a
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: SendConfigReq(1) state = Stopped
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  ACFCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  PROTOCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  ACCMAP[6] 0x00000000
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MRU[4] 1500
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MAGICNUM[6] 0x99bf2b7c
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: SendConfigRej(57) state = Stopped
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MRRU[4] 1600
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  SHORTSEQ[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: LayerStart
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: State change Stopped --> Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: RecvConfigReq(58) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  ACFCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  PROTOCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MRU[4] 1500
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MAGICNUM[6] 0x6a2037ec
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  AUTHPROTO[5] 0xc223 (CHAP 0x81)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MRRU[4] 1600
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  SHORTSEQ[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  ENDDISC[9] MAC 00:0f:20:79:19:7a
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: SendConfigRej(58) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MRRU[4] 1600
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  SHORTSEQ[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: RecvConfigAck(1) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  ACFCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  PROTOCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  ACCMAP[6] 0x00000000
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MRU[4] 1500
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MAGICNUM[6] 0x99bf2b7c
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: State change Req-Sent --> Ack-Rcvd
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: RecvConfigReq(59) state = Ack-Rcvd
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  ACFCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  PROTOCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MRU[4] 1500
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MAGICNUM[6] 0x6a2037ec
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  AUTHPROTO[5] 0xc223 (CHAP 0x81)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: SendConfigAck(59) state = Ack-Rcvd
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  ACFCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  PROTOCOMP[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MRU[4] 1500
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  MAGICNUM[6] 0x6a2037ec
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP:  AUTHPROTO[5] 0xc223 (CHAP 0x81)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: State change Ack-Rcvd --> Opened
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: deflink: LayerUp
Jan 10 22:16:27 freebsd ppp[6911]: tun0: Phase: bundle: Authenticate
Jan 10 22:16:27 freebsd ppp[6911]: tun0: Phase: deflink: his = CHAP 0x81, mine = none
Jan 10 22:16:27 freebsd ppp[6911]: tun0: Phase: Chap Input: CHALLENGE (16 bytes)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: Phase: Chap Output: RESPONSE (<нескажу>)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: Phase: Chap Input: SUCCESS (S=16C3E0748DD8888D7789607D4E3E430A396CA550)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: FSM: Using "deflink" as a transport
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: State change Initial --> Closed

iron ★★★★★
() автор топика
Ответ на: комментарий от iron 

Продолжение лога.

Часть 2:

Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: LayerStart.
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: SendConfigReq(1) state = Closed
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  DEFLATE[4] win 15
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  PRED1[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  MPPE[6] value 0x000000e0 (128/56/40 bits, stateful)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: State change Closed --> Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: Phase: deflink: lcp -> open
Jan 10 22:16:27 freebsd ppp[6911]: tun0: Phase: bundle: Network
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP: FSM: Using "deflink" as a transport
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP: deflink: State change Initial --> Closed
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP: deflink: LayerStart.
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP: deflink: SendConfigReq(1) state = Closed
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP:  IPADDR[6] 127.0.0.1
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP:  COMPPROTO[6] 16 VJ slots with slot compression
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP: deflink: State change Closed --> Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP: deflink: RecvConfigReq(72) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP:  IPADDR[6] 192.1.1.199
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP:  COMPPROTO[6] 16 VJ slots without slot compression
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP: deflink: SendConfigAck(72) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP:  IPADDR[6] 192.1.1.199
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP:  COMPPROTO[6] 16 VJ slots without slot compression
Jan 10 22:16:27 freebsd ppp[6911]: tun0: IPCP: deflink: State change Req-Sent --> Ack-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: RecvConfigReq(109) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  MPPE[6] value 0x010000e0 (128/56/40 bits, stateless)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: SendConfigNak(109) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  MPPE[6] value 0x01000040 (128 bits, stateless)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: RecvConfigRej(1) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  DEFLATE[4] win 15
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  PRED1[2]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: SendConfigReq(2) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  MPPE[6] value 0x000000e0 (128/56/40 bits, stateful)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: RecvConfigReq(110) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  MPPE[6] value 0x01000040 (128 bits, stateless)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: SendConfigAck(110) state = Req-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  MPPE[6] value 0x01000040 (128 bits, stateless)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: State change Req-Sent --> Ack-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: RecvConfigNak(2) state = Ack-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  MPPE[6] value 0x00000040 (128 bits, stateful)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: SendConfigReq(3) state = Ack-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  MPPE[6] value 0x00000040 (128 bits, stateful)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: RecvConfigAck(3) state = Ack-Sent
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP:  MPPE[6] value 0x00000040 (128 bits, stateful)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: State change Ack-Sent --> Opened
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: LayerUp.
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: MPPE: Input channel initiated
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: MPPE: Output channel initiated
Jan 10 22:16:27 freebsd ppp[6911]: tun0: CCP: deflink: Out = MPPE[18], In = MPPE[18]
Jan 10 22:16:27 freebsd ppp[6911]: tun0: LCP: Reducing MTU from 1500 to 1498 (CCP requirement)
Jan 10 22:16:27 freebsd ppp[6911]: tun0: Warning: ff02:4::/32: Change route failed: errno: Network is unreachable
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP: deflink: SendConfigReq(1) state = Ack-Sent
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP:  IPADDR[6] 127.0.0.1
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP:  COMPPROTO[6] 16 VJ slots with slot compression
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP: deflink: RecvConfigNak(1) state = Ack-Sent
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP:  IPADDR[6] 192.1.1.203
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP:  IPADDR[6] changing address: 127.0.0.1  --> 192.1.1.203
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP: deflink: SendConfigReq(2) state = Ack-Sent
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP:  IPADDR[6] 192.1.1.203
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP:  COMPPROTO[6] 16 VJ slots with slot compression
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP: deflink: RecvConfigAck(2) state = Ack-Sent
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP:  IPADDR[6] 192.1.1.203
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP:  COMPPROTO[6] 16 VJ slots with slot compression
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP: deflink: State change Ack-Sent --> Opened
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP: deflink: LayerUp.
Jan 10 22:16:30 freebsd ppp[6911]: tun0: IPCP: myaddr 192.1.1.203 hisaddr = 192.1.1.199
Jan 10 22:16:30 freebsd ppp[6911]: tun0: LCP: Reducing MTU from 1500 to 1498 (CCP requirement)
Jan 10 22:16:30 freebsd ppp[6911]: tun0: Warning: ff02:4::/32: Change route failed: errno: Network is unreachable
Jan 10 22:16:39 freebsd ppp[6911]: tun0: LCP: deflink: RecvProtocolRej(101) state = Opened
Jan 10 22:16:39 freebsd ppp[6911]: tun0: LCP: deflink: -- Protocol 0x00f1 (unrecognised protocol) was rejected!
Jan 10 22:16:40 freebsd ppp[6911]: tun0: LCP: deflink: RecvProtocolRej(102) state = Opened
Jan 10 22:16:40 freebsd ppp[6911]: tun0: LCP: deflink: -- Protocol 0x8891 (unrecognised protocol) was rejected!

iron ★★★★★
() автор топика
Ответ на: комментарий от iron 

Ещё забыл:

root@freebsd# netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.0.254      UGS         0    20443    xl0
127.0.0.1          127.0.0.1          UH          0        0    lo0
192.1.0/16         192.1.1.199        UGS         0        0   tun0
192.1.1.199        192.1.1.203        UH          1        7   tun0
192.168.0          link#1             UC          0        0    xl0
192.168.0.100      00:13:d4:46:b3:15  UHLW        1      280    xl0    540
192.168.0.254      00:01:02:c5:25:fa  UHLW        2     1471    xl0   1136

Internet6:
Destination                       Gateway                       Flags      Netif Expire
::1                               ::1                           UH          lo0
fe80::%xl0/64                     link#1                        UC          xl0
fe80::201:2ff:fe02:e275%xl0       00:01:02:02:e2:75             UHL         lo0
fe80::%lo0/64                     fe80::1%lo0                   U           lo0
fe80::1%lo0                       link#3                        UHL         lo0
ff01::/32                         ::1                           U           lo0
ff02::%xl0/32                     link#1                        UC          xl0
ff02::%lo0/32                     ::1                           UC          lo0
ff02::%tun0/32                    fe80::201:2ff:fe02:e275%tun0  UGS        tun0

iron ★★★★★
() автор топика
Ответ на: комментарий от iron

Я знаю что можно было не извращатся с маскарадом на роутере, но при юзании модуля ядра для маскарада GRE, сервер уходил в панику.

В 2.6.15 встроили поддержку mppe, но также при юзании его сервер валится. Все остальное работает нормально.

iron ★★★★★
() автор топика
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.
Динамическое распределение пропускной способности
Admin
Какой биллинг лучше (FreeNiBS vs Cake)?