NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: gre tunnel problem



On Wed, Oct 26, 2011 at 08:44:50PM -0500, David Young wrote:
> On Wed, Oct 26, 2011 at 04:02:15PM -0700, Harry Waddell wrote:
> > 
> > I'm trying to emulate a cisco's behavior when creating an IPSEC + GRE
> > tunnel to a fortigate device. IPSEC is working fine with racoon, but I
> > can't quite figure out how to get the gre device on the netbsd device
> > configured in such a way that the fortigate will route packets back
> > over the tunnel. That's context -- the issue is seems to be failing to
> > setup the gre device properly
> 
> What version of NetBSD are you using?
> 
> I can reproduce aspects of the problem on -current, so I am going to try
> to fix it there.

BTW, what NIC are you using?  One of my GRE peers has a wm(4), and the
other has a bnx(4).  The wm(4) had all of the offload options enabled.

I have discovered that wm(4)'s IPv4 checksum offload (ifconfig wm0
ip4csum) interferes with IPv6 transmission through gre(4).  I realize
that IPv6 is not your problem, but it does make me wonder whether more
offload problems lurk.

BTW, when I enabled IPv4 checksum offload on the bnx(4) interface,
gre(4) continued to work.  Perhaps the bug is in wm(4).

I will continue to investigate.

Dave

-- 
David Young             OJC Technologies is now Pixo
dyoung%pixotech.com@localhost     Urbana, IL   (217) 344-0444 x24


Home | Main Index | Thread Index | Old Index