On Wednesday, February 01, 2012 7:24 AM wrote Eugene Grosbein >01.02.2012 21:12, Eric W. Bates пишет: >> On 2/1/2012 3:06 AM, Doug Barton wrote: >>> If it's a hurricane electric tunnel don't you want protocol 41? >> >> Well, it's a straight up gif. Right this second I'm trying to suss out >> which protocol gif's use. If it's documented, I can't find it. The >> closest bit I can find on the man page is: >> >> The behavior of gif is mainly based on RFC2893 IPv6-over-IPv4 >> configured tunnel. >> >> I tried to read the pertinent parts of the RFC, but it doesn't really >> discuss "type" or "protocol". It does talk about some header size issues. >> >> Since ipfw is obviously blocking something and I can't get a handle on >> it with tcpdump, I'm groping for an understanding of the shape of the >> gif packets. > >Have you tried "tcpdump -i em_vlan5 -nnvvs0 host $he_tun and not tcp and not >udp and not icmp" ? > >I do not use IPv6 over IPv4 tunnels and not sure. >Perhaps, that is IPIP protocol (number 94 decimal)?
I use a number of gif tunnels with ipfw and I have always used 'ipencap' (protocol 4) for my ipfw rules. One you break it out of the tunnel though you can then use ipfw one the inside tunnel traffic. I don't have one with HE right now so they may be different but this is what I use for a standard ipv4-ipv4 gif tunnel. ---- kirk _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
