i386/152569: Multiple ppp connections and routing table problem with poptop
martin
m.pizuch at cifacom.com
Thu Nov 25 11:00:22 UTC 2010
>Number: 152569
>Category: i386
>Synopsis: Multiple ppp connections and routing table problem with poptop
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-i386
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Nov 25 11:00:21 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: martin
>Release: 7.3-RELEASE-p2 #0 and 8.1-RELEASE #0
>Organization:
cifacom
>Environment:
FreeBSD services.static.cifap.lan 7.3-RELEASE-p2 FreeBSD 7.3-RELEASE-p2 #0: Wed Sep 15 17:04:16 CEST 2010 root at services.cifap.lan:/usr/obj/usr/src/sys/GENERIC i386
and
FreeBSD pptpsrv 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:55:53 UTC 2010 root at almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
>Description:
FreeBSD running as a PPTP VPN with poptop.
When there are multiple clients connected to the VPN server and the first client disconnects first, the routing table is altered too much.
When the first client connects
# netstat -rn | grep tun
10.1.1.131 10.1.1.130 UGH 0 1 tun0
ff01:5::/32 link#5 UC tun0
ff02::%tun0/32 fe80::250:baff:fe21:69ec%tun0 UGC tun0
There is no problem, traffic is ok and routing table too.
After the second client connects
# netstat -rn | grep tun
10.1.1.131 10.1.1.130 UGH 0 6 tun0
10.1.1.132 10.1.1.130 UGH 0 0 tun1
ff01:5::/32 link#5 UC tun0
ff01:6::/32 link#6 UC tun1
ff02::%tun0/32 fe80::250:baff:fe21:69ec%tun0 UGC tun0
ff02::%tun1/32 fe80::250:baff:fe21:69ec%tun1 UGC tun1
Everything is ok too
But when the first client disconnects the routing table changes to this
# netstat -rn | grep tun
ff01:6::/32 link#6 UC tun1
ff02::%tun1/32 fe80::250:baff:fe21:69ec%tun1 UGC tun1
and the other clients' traffic stops too.
This problem does not occur when the second client closes his connection first
# netstat -rn | grep tun
10.1.1.133 10.1.1.130 UGH 0 0 tun1
10.1.1.138 10.1.1.130 UGH 0 14 tun0
ff01:5::/32 link#5 UC tun0
ff01:6::/32 link#6 UC tun1
ff02::%tun0/32 fe80::250:baff:fe21:69ec%tun0 UGC tun0
ff02::%tun1/32 fe80::250:baff:fe21:69ec%tun1 UGC tun1
# netstat -rn | grep tun
10.1.1.138 10.1.1.130 UGH 0 62 tun0
ff01:5::/32 link#5 UC tun0
ff02::%tun0/32 fe80::250:baff:fe21:69ec%tun0 UGC tun0
I can reproduce this on the old (7.1 prerelease) and the new (7.3 release) PPTP VPN servers. I can also reproduce it with a freshly installed 8.1 release system on a test laptop.
I tried searching forums, mailing lists, and bug reports but didn't find anything that can help me with this.
Sorry for the raw text, I don't know how to add format tags.
Thanks,
>How-To-Repeat:
Install poptop and put this in the /usr/local/etc/pptpd.conf file
# egrep "^[aA-zZ]" /usr/local/etc/pptpd.conf
option pptpd
debug
logwtmp
remoteip 10.1.1.111-120
listen 10.1.1.253
Put this in the /etc/ppp/ppp.conf file
# egrep -v "^#" /etc/ppp/ppp.conf
pptpd:
 set escape 0xff
 set device localhost:pptp
 set dial
 set timeout 0
 set log Phase Chat Connect LCP IPCP IPV6CP CCP tun command
 set ifaddr 10.1.1.110 10.1.1.111-10.1.1.120 255.255.255.255
 set mppe 128 stateful
 enable MSCHAPv2
 disable deflate pred1 lqr
 deny deflate pred1 lqr
 disable ipv6cp
 accept dns
 set dns 10.1.1.253
 set nbns 10.1.1.204
 enable proxy
Enable IP forwarding and ARP proxying
sysctl net.inet.ip.forwarding=1
sysctl net.link.ether.inet.proxyall=1
>Fix:
Do not have any
>Release-Note:
>Audit-Trail:
>Unformatted:
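
The failure state in the description can be checked mechanically. The script below is an added example, not part of the original report or of poptop or ppp. It reads `netstat -rn` lines and prints each tun interface that still has routes but no IPv4 host route. The function name `orphaned_tuns` is hypothetical, and the script assumes that a tun interface with link-scope IPv6 routes belongs to a live session, as tun1 did in the report.

```shell
#!/bin/sh
# Snapshots copied from the report's `netstat -rn | grep tun` output.
BOTH_CONNECTED='10.1.1.131 10.1.1.130 UGH 0 6 tun0
10.1.1.132 10.1.1.130 UGH 0 0 tun1
ff01:5::/32 link#5 UC tun0
ff01:6::/32 link#6 UC tun1
ff02::%tun0/32 fe80::250:baff:fe21:69ec%tun0 UGC tun0
ff02::%tun1/32 fe80::250:baff:fe21:69ec%tun1 UGC tun1'

AFTER_FIRST_LEFT='ff01:6::/32 link#6 UC tun1
ff02::%tun1/32 fe80::250:baff:fe21:69ec%tun1 UGC tun1'

AFTER_SECOND_LEFT='10.1.1.138 10.1.1.130 UGH 0 62 tun0
ff01:5::/32 link#5 UC tun0
ff02::%tun0/32 fe80::250:baff:fe21:69ec%tun0 UGC tun0'

# orphaned_tuns (hypothetical helper): read `netstat -rn` lines on stdin and
# print every tunN interface that has routes but no IPv4 host route.
orphaned_tuns() {
    awk '
    {
        ifc = ""
        # The interface column is not always last (an Expire column may follow).
        for (f = 3; f <= NF; f++) if ($f ~ /^tun[0-9]+$/) ifc = $f
        if (ifc == "") next
        seen[ifc] = 1
        # IPv4 host route: dotted-quad destination with the H flag set.
        if ($1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && $3 ~ /H/) v4[ifc] = 1
    }
    END { for (i in seen) if (!(i in v4)) print i }' | sort
}

echo "both connected:    [$(printf '%s\n' "$BOTH_CONNECTED" | orphaned_tuns)]"
echo "first client left: [$(printf '%s\n' "$AFTER_FIRST_LEFT" | orphaned_tuns)]"
echo "second left first: [$(printf '%s\n' "$AFTER_SECOND_LEFT" | orphaned_tuns)]"
```

On a live server, feed it `netstat -rn | orphaned_tuns` after each disconnect.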