Crash with GRE und IPFW fwd
Andrey V. Elsukov
ae at FreeBSD.org
Fri May 29 01:21:48 UTC 2015
On 29.05.2015 04:13, Julian Kornberger wrote:
> Am 29.05.2015 um 01:35 schrieb Andrey V. Elsukov:
>> The actual panic occurs when ip_output() does RO_RTFREE() to cached
>> route owned by gre(4).
>>
>> #7 0xffffffff80a58105 in ip_output (m=0xfffff800054bb000,
>> opt=<value optimized out>, flags=<value optimized out>,
>> imo=<value optimized out>, inp=0x0)
>> at /usr/src/sys/netinet/ip_output.c:218
>> #8 0xffffffff81a15797 in gre_output (ifp=0xfffff80005a33000,
>> m=<value optimized out>, dst=<value optimized out>,
>> ro=<value optimized out>)
>> at /usr/src/sys/modules/if_gre/../../net/if_gre.c:509
>>
>> As I see you have two gre(4) tunnels:
>>
>> gre1: inet 10.9.0.9 --> 10.9.0.8
>> gre2: inet 10.9.0.11 --> 10.9.0.10
>>
>> but which addresses do you use as tunnel endpoints?
>
> I am running a VPN server with a single public address.
> The local tunnel endpoints are private ip addresses:
>
> gre1: 192.168.1.3/28 --> 5.9.77.235 (the vpn server address)
> gre2: 192.168.1.19/28 --> 5.9.77.235 (the vpn server address)
>
> Between my FreeBSD machine and the VPN server are NAT routers
> (192.168.1.1 and 192.168.1.17). I also added a second public ip address
> to my VPN server to have different public endpoints but it crashes too.
>
> I need to use multiple tunnels to load-balance the VPN traffic.
Did you try gre module from the 11.0-CURRENT? If it works for you, with
stock module you can try to set link1 to both gre(4) interfaces. I think
it will help.
--
WBR, Andrey V. Elsukov
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 538 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20150529/a1382fe4/attachment.sig>
More information about the freebsd-net
mailing list