Freebsd8 Mpd5.3 proxy-arp problem

proks

New Member


Messages: 15

I have FreeBSD 8.0-RC2 amd64 with pptp server on mpd5.3.
on internal interface - 172.16.70.1/24
on external interface - xxx.xxx.xxx.xxx

mpd.conf:

startup:
Code:
        # configure mpd users
        set user **** ***** admin
        set user ***** *****
        # configure the console
        set console self 127.0.0.1 5005
        set console open
        # configure the web server
        set web self 0.0.0.0 5006
        set web open

default:
Code:
        load pptp_server

pptp_server:
Code:
        set ippool add pool-pptp 172.16.70.100 172.16.70.128
        
        create bundle template B2
        set iface enable proxy-arp
        set iface idle 1800
        set iface enable tcpmssfix
        set ipcp yes vjcomp
        set ipcp ranges 172.16.70.1/32 ippool pool-pptp
        set ipcp dns 172.16.70.1

        set bundle enable compression
        set ccp yes mppc
        set mppc yes e40
        set mppc yes e56
        set mppc yes e128
        set mppc yes stateless

        create link template L2 pptp
        set link action bundle B2
        set link disable multilink
        set link yes acfcomp protocomp
        set link no pap chap
        set link enable chap
        set link keep-alive 10 60
        set link mtu 1460
        set pptp self xxx.xxx.xxx.xxx
        set link enable incoming

Its well, but not work proxy-arp and pptp clients don't see internal network.

mpd.log:
Code:
......
Nov 16 17:16:19 autoelite mpd: [B2-3] IPCP: rec'd Configure Request #9 (Ack-Rcvd)
Nov 16 17:16:19 autoelite mpd: [B2-3]   IPADDR 172.16.70.101
Nov 16 17:16:19 autoelite mpd: [B2-3]     172.16.70.101 is OK
Nov 16 17:16:19 autoelite mpd: [B2-3]   PRIDNS 172.16.70.1
Nov 16 17:16:19 autoelite mpd: [B2-3] IPCP: SendConfigAck #9
Nov 16 17:16:19 autoelite mpd: [B2-3]   IPADDR 172.16.70.101
Nov 16 17:16:19 autoelite mpd: [B2-3]   PRIDNS 172.16.70.1
Nov 16 17:16:19 autoelite mpd: [B2-3] IPCP: state change Ack-Rcvd --> Opened
Nov 16 17:16:19 autoelite mpd: [B2-3] IPCP: LayerUp
Nov 16 17:16:19 autoelite mpd: [B2-3]   172.16.70.1 -> 172.16.70.101
Nov 16 17:16:19 autoelite mpd: [B2-3] system: command "/usr/sbin/arp" returned 256
Nov 16 17:16:19 autoelite mpd: [B2-3] IFACE: Up event
......

Whats wrong ? Please help.
 

aragon

Daemon

Reaction score: 281
Messages: 2,029

I think you need to not assign 172.16.70.1 to the local end of the PPTP interface. Either that, or change your internal ethernet's IP address.
 

mgp

Active Member

Reaction score: 13
Messages: 106

I have exactly the same problem:
Code:
[B-1] IPCP: state change Ack-Rcvd --> Opened
[B-1] IPCP: LayerUp
[B-1]   192.168.10.1 -> 192.168.10.50
[B-1] IFACE: Connecting tcpmssfix
[B-1] IFACE: Add address 192.168.10.1/32->192.168.10.50 to ng0
[B-1] exec: /usr/sbin/arp -S 192.168.10.50 0:e0:28:62:e:9 pub
[B-1] system: command "/usr/sbin/arp" returned 256
[B-1] IFACE: Up event
[B-1] IFACE: idle-timeout: 1800 seconds
[B-1] IFACE: Change interface flags: -0 +1
with this config:
Code:
# cat mpd.conf |grep -v "^#"
startup:

default:
        load pptp_server

pptp_server:

        set ippool add pool1 192.168.10.50 192.168.10.99

        create bundle template B
        set iface enable proxy-arp
        log +iface2
        set iface idle 1800
        set iface enable tcpmssfix
        set ipcp yes vjcomp
        set ipcp ranges 192.168.10.1/32 ippool pool1
        set ipcp dns 192.168.10.1
        set bundle enable compression
        set ccp yes mppc
        set mppc yes e40
        set mppc yes e128
        set mppc yes stateless

        create link template L pptp
        set link action bundle B
        set link enable multilink
        set link yes acfcomp protocomp
        set link no pap chap
        set link enable chap
        set link keep-alive 10 60
        set link mtu 1460
        set pptp self pub.ip.add.res
        set link enable incoming
This is a production server and it was running 7.2-STABLE where everything was working fine but when I updated to 8-STABLE it stopped working...
I knew this problem existed with the new arp implementation but I assumed it had been fixed for the release...unfortunately it's still there...
Do you have an idea how could I work around this or when will it be fixed?
And how is this an mpd problem? Apparently arp is the problem...

thanks
 

freepaddler

New Member


Messages: 17

i've tried the patch - it seems not working :(

may be i did something wrong?


Code:
cd /usr/src
patch < ~/ppp-proxy-arp-patch-121515.diff
cd /usr/src/usr.sbin/arp
make obj && make depend && make && make install

then i rebuild the kernel.

trying to connect by vpn client...
Code:
[B-1] system: command "/usr/sbin/arp" returned 256

here is my mpd.conf
Code:
startup:
        set user *** *** admin
        set console self 127.0.0.1 5005
        set console open
        set web self 0.0.0.0 5006
        set web open

default:
        load pptp_vpn_server

pptp_vpn_server:
        set ippool add vpn_pool 172.30.6.13 172.30.6.14

        create bundle template B
        set iface enable proxy-arp
        set iface idle 0
        set iface enable tcpmssfix
        set ipcp yes vjcomp

        set ipcp ranges 172.30.6.1/32 ippool vpn_pool
        set ipcp dns 172.30.6.1
        set ipcp nbns 172.30.6.1

        set bundle enable compression
        set ccp yes mppc
        #set mppc yes e40
        set mppc yes e128
        set mppc yes stateless

        create link template L pptp
        set link action bundle B
        set link enable multilink
        set link yes acfcomp protocomp
        set link no pap chap
        set link enable chap
        set link keep-alive 10 60
        set link mtu 1460

        set pptp self xx.xx.xx.xx

        set link enable incoming
 

hshh

Member

Reaction score: 2
Messages: 22

That patch is not only for usr.sbin/arp/arp.c, maybe you need to rebuld kernel too.
 
OP
P

proks

New Member


Messages: 15

But !
Mpd add mac entry to arp table and work!
but if I input from command line
arp -S ip mac (for example arp -S 10.111.0.102 00:30:48:96:cc:56 pub)
i see
Code:
arp: writing to routing socket: Invalid argument
arp table has this entry, for example:
? (10.111.0.101) at 00:30:48:96:cc:56 on vlan555 permanent published [vlan]
 
Top