Subject: Truly bizarre problem with GRE tunnel.
To: None <>
From: Lars-Johan Liman <>
List: current-users
Date: 12/03/2005 22:20:42
Some time ago I used to have a GRE tunnel from home to my
server. Worked like a charm (for the limited value of "charm" that
applies to tunnels ...).

Tunnel not used much. Time passed.

Recently upgraded home to 3.99.11. Server is still at 1.6ZK. Tried to
re-establish tunnel. Failure.

After _MUCHO_ debugging (Ethereal Is Your Friend(TM)), I have now
concluded that:

At home, on the _OUTGOING_ side, the encapsulated packets are
fine. (tcpdump on physical interface (tlp0), not tunnel inteface

At server, on the _INCOMING_ side, the same encapsulated packets
arrive with the "IP length" header field of the _ENCAPSULATED_
(inner) packet byte swapped. That, and ONLY that, is byte swapped.
(e.g., 0x0054 becomes 0x5400).

21:05:29.728223 > gre truncated-ip - 21420 bytes missing! > icmp: echo request seq 288 [tos 0x30] 

Some diff-serv params of the container (outer) packet are also
changed, but that's less disturbing.

What in heaven's name is going on?

Is ther _ANY_ chance that this pertains to NetBSD? ("Nooooo!" is my

Tell me that this _HAS_ to be my ISP(s) playing tricks on me. My
current guess is a bug in some intermediate system, that actually
tries to de-compile my GRE stuff and poke around inside it. (And if
so, I have very clear opinions about messing _inside_ my packets ...)

Anyone else seen this?

# There are 10 kinds of people in the world. Those who understand
# binary numbers, and those who don't.
# Lars-Johan Liman, M.Sc.	! E-mail:
# Senior Systems Specialist     ! HTTP  : //
# Autonomica AB, Stockholm 	! Voice : +46 8 - 615 85 72