On Mon, Feb 18, 2013 at 09:37:27AM -0500, sven falempin wrote: > On Mon, Feb 18, 2013 at 6:43 AM, Stuart Henderson <[email protected]>wrote: > > > On 2013-02-18, Claudio Jeker <[email protected]> wrote: > > > Even though L2TP has L2 in its name it is not built to create ethernet > > > layer 2 tunnels. It is just tunneling PPP packets inside of UDP. > > > So the only thing you can do is proxyarp (which npppd does not support > > > natively) or route the traffic. > > > > Routing the traffic is probably the easiest way for this. Use a different > > subnet for the PPP-assigned addresses and add a static route on the gateway > > (and ideally on other machines which the PPP-connected devices will need > > to reach too, it may work without but you'll either be pushing a bunch > > of extra traffic via the gateway, or relying on ICMP redirects which may > > be disabled and at best are "bleurgh" ;) > > > > The proxy arp route is less nice but a few pointers if people want to try > > that; you can use arp(8) in base for it; see the '-f' option - or arpd (in > > ports) can cover a whole subnet without listing addresses separately. > > Alternatively there is the combination of pppd+xl2tpd; pppd does support > > proxy arp natively, though npppd is nicer and easier to configure, > > especially with IPsec). > > > > FWIW none of these can do IPv6 in the tunnels on OpenBSD, for that > > you could use gif, gre, openvpn or just plain ipsec. > > > > > the OP is talking about iStuff client, this 'may' reduce the set of > possibility, > especially if he do not want to install an app. > I have no clue how to bridge a "gif" on an iPhone ! > > -- > --------------------------------------------------------------------------------------------------------------------- > () ascii ribbon campaign - against html e-mail > /\ >
Thanks everybody for the ideas an clarification. Routing would be nice, but not really practical with iThings. I ended up with a perl hack that monitors syslog to add and remove arp entries when npppd reports a connection, and another that cron fires off every few minutes to look at ifconfig's output and update the arp cache. It's working so far, but it's a bit of a hack. Thanks all for the help. Stuart
