It seems like the solution points to /etc/protocols

Some months ago I installed from pkgsrc ppp-mppe and
poptop, and did not work... Now it works if I disable
the filter.

Does somebody can tell me which protocol of gif, stf,
ppp-mppe and poptop am I filtering?

Thanks in advance

Atentamente

Heron Gallegos
Centro Siglo XXI - Informatica Educativa
Saltillo, Coahuila, Mexico

On Thu, 22 Nov 2001, Lista de NetBSD Users wrote:

> Date: Thu, 22 Nov 2001 11:23:23 -0600 (CST)
> From: Lista de NetBSD Users <list10@sepc.edu.mx>
> To: netbsd-users@netbsd.org
> Subject: Re: Cisco IPv6 - NetBSD -- Problem found but not solved.
>
> The problem is in my router, not the router of my
> provider of 6bone uplink.
>
> I have the following filter in my router and I dont know
> which line modify in order to get gif tunnel works.
>
> MyRouter>show access-lists 102
> Extended IP access list 102
>     deny ip 0.0.0.0 0.255.255.255 any
>     deny ip 10.0.0.0 0.255.255.255 any (356 matches)
>     deny ip 127.0.0.0 0.255.255.255 any
>     deny ip 224.0.0.0 31.255.255.255 any
>     deny ip 169.254.0.0 0.0.255.255 any (2803 matches)
>     deny ip 172.16.0.0 0.15.255.255 any (277 matches)
>     deny ip 192.0.2.0 0.0.0.255 any
>     deny ip 192.168.0.0 0.0.255.255 any (1635 matches)
>     deny ip 204.152.64.0 0.0.1.255 any
>     deny ip aaa.bbb.ccc.0 0.0.0.255 any
>     deny ip any host aaa.bbb.ccc.0 (1575 matches)
>     deny ip any host aaa.bbb.ccc.255 (1622 matches)
>     permit tcp any aaa.bbb.111.0 0.0.0.255 established (6879328 matches)
>     permit tcp any aaa.bbb.111.0 0.0.0.255 (7826295 matches)
>     permit udp any aaa.bbb.111.0 0.0.0.255 neq syslog (601078 matches)
>     permit icmp any aaa.ccc.111.0 0.0.0.255 echo-reply (110 matches)
>     permit icmp any aaa.ccc.111.0 0.0.0.255 unreachable (291588 matches)
>     permit icmp any aaa.ccc.111.0 0.0.0.255 source-quench (23 matches)
>     permit icmp any aaa.ccc.111.0 0.0.0.255 time-exceeded (4031 matches)
>     permit icmp any aaa.ccc.111.0 0.0.0.255 parameter-problem
> MyRouter>
>
> When I disable the access-group in serial0 of my cisco, I
> can get a clean gif tunnel between my NetBSD box and
> other NetBSD box over the internet.
>
> rosario# ifconfig gif0 tunnel aaa.bbb.ccc.ddd www.xxx.yyy.zzz
> rosario# ping6 -n ff02::1%gif0
> PING6(56=40+8+8 bytes) fe80::250:daff:fe69:48d7%gif0 --> ff02::1%gif0
> 16 bytes from fe80::250:daff:fe69:48d7%lo0, icmp_seq=0 hlim=64 time=0.244
> ms
> 16 bytes from fe80::250:daff:fe69:48d7%lo0, icmp_seq=1 hlim=64 time=0.197
> ms
> 16 bytes from fe80::250:8bff:fee7:586d%gif0, icmp_seq=0 hlim=64
> time=1058.13 ms(DUP!)
> 16 bytes from fe80::250:8bff:fee7:586d%gif0, icmp_seq=1 hlim=64
> time=950.344 ms(DUP!)
> 16 bytes from fe80::250:daff:fe69:48d7%lo0, icmp_seq=2 hlim=64 time=0.196
> ms
> ^C
> --- ff02::1%gif0 ping6 statistics ---
> 3 packets transmitted, 3 packets received, +2 duplicates, 0% packet loss
> round-trip min/avg/max/std-dev = 0.196/401.823/1058.133/493.050 ms
> rosario#
>
> The gif tunnel is working!!!!
>
> I dont want delete the filter of my cisco because it contains
> the most basic rules of filtering.
>
> Does somebody can tell me which rule add/modify in order
> to establish a gif/stf tunnel which can cross my router?
>
> Thanks in advance
>
> Atentamente
>
> Heron Gallegos
> Centro Siglo XXI - Informatica Educativa
> Saltillo, Coahuila, Mexico
>
> On Wed, 21 Nov 2001, Lista de NetBSD Users wrote:
>
> > Date: Wed, 21 Nov 2001 11:58:31 -0600 (CST)
> > From: Lista de NetBSD Users <list10@sepc.edu.mx>
> > To: netbsd-users@netbsd.org
> > Subject: Re: Cisco IPv6 - which kind of tunnel is this?
> >
> > On Wed, 21 Nov 2001, Lista de NetBSD Users wrote:
> >
> > > My uplink provider to 6bone have the following configuration
> > > in the Cisco router:
> > >
> > > interface Tunnel1500
> > >   descrition Tunnel to Centro Siglo XXI
> > >   no ip address
> > >   ipv6 enable
> > >   ipv6 address 3FFE:RRRR:RRRR:R::1/64
> > >   tunnel source Ethernet0
> > >   tunnel destination aaa.aaa.aaa.aaa
> > >   tunnel mode ipv6ip
> >
> > Question:
> >
> > My uplink provider must do changes in the
> > configuration in order to connect my NetBSD box?
> >
> > Thanks in advance
> >
> > Atentamente
> > Heron Gallegos
> >
> >
>
>