Jeremie Le Hen writes:
> Given the simplicity of gif(4) IP-encapsulated packets, I wonder
> how Linux guys could have implemented something else in their IPIP
> module :-).
They didn't, Linux IPIP exactly what it sounds like it does: IP in IP
encapsulation. The confusion seems to be on the par
Greg 'groggy' Lehey writes:
> It's currently pushing 7:30 pm, and I was going to send out a reply
> tomorrow. But indeed, it seems that Linux people prefer GRE tunnels,
> we prefer (with good reason) IP tunnels, ...
Like FreeBSD, Linux supports both GRE and IPIP. It is not a Linux
thing to us
Gianmarco Giovannelli writes:
> Hi Greg, I have follow with interest this thread because I had a similar
> problem sometimes ago and we din't succeded in resolve it as I like ...
>
> I had to connect a couple of a nets with a freebsd box and a linux box
> (not managed by me). They insist t
Greg 'groggy' Lehey writes:
> Certainly that confusion exists. But it doesn't seem to be the
> problem here: the original poster (Gianmarco?) stated that he had
> tried to set up a tunnel with gif(4), which would mean an IP-IP
> tunnel.
If you were referring to Gianmarco then as the following
Greg 'groggy' Lehey writes:
> Ah, my bad. But nos-tun also does IP-IP, so he was using the correct
> tool. So that doesn't seem to be the problem here.
By default non-tun uses protocol 94 which is not compatible with
gif(4) and Linux IPIP, both of which protocol 4. There is an option
(-p) to
Giovanni P. Tirloni writes:
> I don't know how PF keeps tracks of ICMP packets but there must be a
> way for it to distinguish between a packet destined to 192.168.0.1 or 0.2.
An ICMP ECHO REQUEST message has a 16-bit id field which can be
altered by NAT to identify the originating machine.
Crist J. Clark writes:
> Two different ESP end points behind many-to-one NAT connected to a
> single ESP end point on the other side of the NAT? I'd be very curious
> to get the documentation on how they are cheating to get that to work.
A cheat is to use the sequence number in the ESP header t
