Hi,
   I am using the userland ppp with pppoe daemon to set up a pppoe server to
authenticate incoming clients. I want to route a /29 subnet (81.19.79.24/29)
to a client. Now I authenticate via a radius server, which frames the IP,
Protocol, and route attributes:

Framed-Protocol = PPP
Framed-IP-Address = 81.19.79.25
Framed-Route = 81.19.79.24/29 81.19.79.25 1

This appears to assign the connection without problem, and the machines on
the client's side of the network, when assigned one of the subnet's IPs, have
no issue pinging out to all hosts. However, when a remote PC attempts to
access one of the public IPs - i.e. ping it - this fails. The FreeBSD
Gateway / PPPoE Server shows lots of ARP unable to resolve messages - I
presume this means it cannot find a mac address for the client. I have
checked the routing table - netstat -ran, and an entry is created for the
subnet in question (via the returned radius attributes):

Internet Dest:     Gateway:        Flags:  Refs:  Use:  Netif:  Expire:
81.19.79.24/29     81.19.79.25     UGSc    1      147   tun0
81.19.79.25        81.19.78.1      UH      0      256   tun0
81.19.79.25        00:05:5b:71..   UHLS2   0      0     ste1

A tcpdump of 'ste0' (the PPPoE Daemon Interface) from an IP on the client's
subnet pinging out shows that the replies are occurring:

17:29:28.984831 PPPoE [ses 0x1b] 81.19.79.25 > 81.19.79.34: icmp: echo request
17:29:28.984831 PPPoE [ses 0x1b] 81.19.79.34 > 81.19.79.25: icmp: echo reply

However, if this role is reversed, and a remote IP - in this case
81.19.79.34 (on a different /27 (32->63) network) attempts to ping a PC on
the client network:

17:37:45.214386 PPPoE [ses 0x1b] 81.19.79.34 > 81.19.79.25: icmp: echo request
17:37:45.221413 PPPoE [ses 0x1b] 81.19.79.34 > 81.19.79.25: icmp: echo request
17:37:45.223422 PPPoE [ses 0x1b] 81.19.79.34 > 81.19.79.25: icmp: echo request
17:37:45.321455 PPPoE [ses 0x1b] 81.19.79.34 > 81.19.79.25: icmp: echo request
17:37:45.623212 PPPoE [ses 0x1b] 81.19.79.34 > 81.19.79.25: icmp: echo request

The client uses a D-Link Router which is set to allow all traffic - It is of
course possible this is misconfigured, however I would like to know if this
configuration *should* be working, or if I have made some grievous error
somewhere, which is preventing the traffic reaching the clients network.

Many Thanks

Colin Watson.
