| View previous topic :: View next topic |
| Author |
Message |
zubr
n00b
Joined: 28 Apr 2005
Posts: 12
Location: Archangelsk
|
 Posted: Mon Oct 23, 2006 8:30 pm Post subject: Неправильный default route для pptp? |
 |
|
Настраиваю соединение со своим провайдером (vpn-1.atknet.ru или 213.24.49.129), но:
| Code: | home etc # cat /etc/conf.d/net
# This blank configuration will automatically use DHCP for any net.*
# scripts in /etc/init.d. To create a more complete configuration,
# please review /etc/conf.d/net.example and save your configuration
# in /etc/conf.d/net (this file :]!).
# Assume eth0 is the interface connected to the router
# and we set it up via DHCP. If you use eth1 substitute
# that in the rest of this file.
config_eth0=( "dhcp" )
# Use iproute2 instead of the default ifconfig
modules=( "iproute2"
"dhcp" )
# Tell gentoo to set up the ppp interface
config_ppp0=( "ppp" )
# Set the route from the network card to the router. This
# could neccessary if the IP address acquired from DHCP
# is not on the same subnet as the router. Replace
# with the IP address supplied by your provider.
routes_eth0=( "213.24.49.129" )
# Make DHCP not set a default gateway. If it did, then
# ppp daemon wouldn't do it and all the data would go to your
# router instead of the pptp tunnel
dhcp_eth0="nogateway"
# set up the link. note that the IP address is given by the
# provider and is identical to the one in the routes_eth0
# statement.
link_ppp0="pty 'pptp vpn-1.atknet.ru --nolaunchpppd'"
# Enter your username and password observing the apostrophe
username_ppp0='login'
password_ppp0='password'
# Add options. These ones shoul suffice. Debug can be
# deactivated, but defaultroute should stay.
pppd_ppp0=(
"updetach" # WARNING: If you don't specify this then we will
# not wait for the actual PPP link to go up
"debug" # Enables syslog debugging
"noauth" # Do not require the peer to authenticate itself
"defaultroute" # Make this PPP interface the default route
"lcp-echo-interval 15" # Send a LCP echo every 15 seconds
"lcp-echo-failure 3" # Make peer dead after 3 seconds of in-activity
)
# eth0 should start before
depend_ppp0() {
need net.eth0
} |
далее:
| Code: | home etc # cd /etc/init.d
home etc # ln -s net.lo net.ppp0 |
и наконец:
| Code: | home etc # /etc/init.d/net.eth0 restart
home etc # /etc/init.d/net.ppp0 start |
А получилось вот что:
| Code: | home etc # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
core-ca-2-0.atk * 255.255.255.255 UH 0 0 0 eth0
lo0.ubr1.atknet * 255.255.255.255 UH 0 0 0 ppp0
172.18.0.0 * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default 172.18.255.254 0.0.0.0 UG 0 0 0 eth0
home etc # ifconfig
eth0 Link encap:Ethernet HWaddr 00:04:61:00:F6:E0
inet addr:172.18.145.42 Bcast:172.18.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:61625 errors:0 dropped:0 overruns:0 frame:0
TX packets:605 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3756883 (3.5 Mb) TX bytes:44011 (42.9 Kb)
Interrupt:16 Base address:0xa000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:137 errors:0 dropped:0 overruns:0 frame:0
TX packets:137 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:9749 (9.5 Kb) TX bytes:9749 (9.5 Kb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:172.30.10.54 P-t-P:62.192.224.32 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:40 (40.0 b) TX bytes:61 (61.0 b)
home etc # ping -c 3 62.192.224.32
PING 62.192.224.32 (62.192.224.32) 56(84) bytes of data.
64 bytes from 62.192.224.32: icmp_seq=1 ttl=255 time=7.73 ms
64 bytes from 62.192.224.32: icmp_seq=2 ttl=255 time=7.58 ms
64 bytes from 62.192.224.32: icmp_seq=3 ttl=255 time=51.8 ms
--- 62.192.224.32 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 7.587/22.404/51.891/20.850 ms
home etc # ping -c 3 172.18.255.254
PING 172.18.255.254 (172.18.255.254) 56(84) bytes of data.
64 bytes from 172.18.255.254: icmp_seq=1 ttl=255 time=6.97 ms
64 bytes from 172.18.255.254: icmp_seq=2 ttl=255 time=8.18 ms
64 bytes from 172.18.255.254: icmp_seq=3 ttl=255 time=77.9 ms
--- 172.18.255.254 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 6.972/31.034/77.944/33.174 ms
home etc # ping -c 3 www.yandex.ru
PING www.yandex.ru (213.180.204.11) 56(84) bytes of data.
--- www.yandex.ru ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1998ms
home etc #
|
В Windows адреса все такие же и все работает. Как я понял нужно default route перевести на ppp0, но как это сделать - не знаю. |
|
| Back to top |
|
 |
dmiceman
Tux's lil' helper
Joined: 06 Jun 2005
Posts: 115
|
| Posted: Mon Oct 23, 2006 9:07 pm Post subject: |
|
|
мм.. незнаю что там с pptp происходит, но попробуй действительно роут руками поправить:
| Code: |
ip route del default
ip route add default dev ppp0
|
|
|
| Back to top |
|
|
dsme
n00b
Joined: 12 Nov 2005
Posts: 5
|
| Posted: Mon Oct 23, 2006 10:37 pm Post subject: |
|
|
Попробуй добавить | Code: | | routes_ppp0=("default") |
в /etc/conf.d/net
Этого может не хватить, так как будет два дефолтных маршрута. В этом случае можно поиграться с метрикой:
Или вообще не устанавливать маршруты, которые выдает dhcp: | Code: | | dhcp_eth0=("nogateway") |
|
|
| Back to top |
|
|
zubr
n00b
Joined: 28 Apr 2005
Posts: 12
Location: Archangelsk
|
| Posted: Wed Oct 25, 2006 1:52 pm Post subject: Настойки из Windows |
|
|
| Не знаю почему но основной шлюз 172.18.255.254 так и остается за default route и подключение так и не работает с внешними адресами. Может помогут настойки из Windows: там после создания VPN соединения нужно в реестре в ключе HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/Rasman/Parameters создать параметр ProhibitIpSec (тип REG_DWORD) = 1; галочку "Требуется шифрование данных (иначе отключаться)" нужно снять. |
|
| Back to top |
|
|
dmiceman
Tux's lil' helper
Joined: 06 Jun 2005
Posts: 115
|
| Posted: Wed Oct 25, 2006 2:02 pm Post subject: Re: Настойки из Windows |
|
|
| zubr wrote: | | Не знаю почему но основной шлюз 172.18.255.254 так и остается за default route и подключение так и не работает с внешними адресами. Может помогут настойки из Windows: там после создания VPN соединения нужно в реестре в ключе HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/Rasman/Parameters создать параметр ProhibitIpSec (тип REG_DWORD) = 1; галочку "Требуется шифрование данных (иначе отключаться)" нужно снять. |
погоди, погоди.. оно на изменение роутинга руками не реагирует? что за ужасы ты говоришь.. |
|
| Back to top |
|
|
zubr
n00b
Joined: 28 Apr 2005
Posts: 12
Location: Archangelsk
|
| Posted: Wed Oct 25, 2006 7:47 pm Post subject: Логи и route в Windows |
|
|
Плохо он реагирует на route add default dev ppp0 - route и ping зависают - выход Ctrl+C.
Когда два дефаултных route то никаких изменений за соответствующим появлением 2-х строчек в выводе route типа:
| Code: |
core-ca-2-0.atk * 255.255.255.255 UH 0 0 0 ppp0
default 172.18.255.254 0.0.0.0 UG 0 0 0 ppp0
|
В логах при обычных настройках пишется вот что:
| Code: |
Oct 25 23:14:51 home dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67
Oct 25 23:14:51 home dhclient: DHCPACK from 62.192.227.254
Oct 25 23:14:51 home dhclient: bound to 172.18.145.42 -- renewal in 270 seconds.
Oct 25 23:14:52 home pppd[14173]: Plugin passwordfd.so loaded.
Oct 25 23:14:52 home pppd[14173]: pppd options in effect:
Oct 25 23:14:52 home pppd[14173]: debug # (from command line)
Oct 25 23:14:52 home pppd[14173]: updetach # (from command line)
Oct 25 23:14:52 home pppd[14173]: persist # (from command line)
Oct 25 23:14:52 home pppd[14173]: linkname ppp0 # (from command line)
Oct 25 23:14:52 home pppd[14173]: maxfail 0 # (from command line)
Oct 25 23:14:52 home pppd[14173]: unit 0 # (from command line)
Oct 25 23:14:52 home pppd[14173]: dump # (from command line)
Oct 25 23:14:52 home pppd[14173]: plugin passwordfd.so # (from command line)
Oct 25 23:14:52 home pppd[14173]: noauth # (from command line)
Oct 25 23:14:52 home pppd[14173]: user zubr # (from command line)
Oct 25 23:14:52 home pppd[14173]: remotename ppp0 # (from command line)
Oct 25 23:14:52 home pppd[14173]: passwordfd 3 # (from command line)
Oct 25 23:14:52 home pppd[14173]: # (from /etc/ppp/options)
Oct 25 23:14:52 home pppd[14173]: pty pptp vpn-1.atknet.ru --nolaunchpppd # (from command line)
Oct 25 23:14:52 home pppd[14173]: lcp-echo-failure 3 # (from command line)
Oct 25 23:14:52 home pppd[14173]: lcp-echo-interval 15 # (from command line)
Oct 25 23:14:52 home pppd[14173]: defaultroute # (from command line)
Oct 25 23:14:52 home pppd[14173]: nobsdcomp # (from command line)
Oct 25 23:14:52 home pppd[14173]: nodeflate # (from command line)
Oct 25 23:14:52 home pppd[14173]: pppd 2.4.3 started by root, uid 0
Oct 25 23:14:52 home pppd[14173]: using channel 3
Oct 25 23:14:52 home pppd[14173]: Using interface ppp0
Oct 25 23:14:52 home pppd[14173]: Connect: ppp0 <--> /dev/pts/4
Oct 25 23:14:52 home pptp[14177]: anon log[main:pptp.c:276]: The synchronous pptp option is NOT activated
Oct 25 23:14:52 home pptp[14189]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
Oct 25 23:14:52 home pptp[14189]: anon log[pptp_make_packet:pptp_ctrl.c:572]: reserved0 field is not zero! (0x48c9) Cisco feature?
Oct 25 23:14:52 home pptp[14189]: anon log[ctrlp_disp:pptp_ctrl.c:738]: Received Start Control Connection Reply
Oct 25 23:14:52 home pptp[14189]: anon log[ctrlp_disp:pptp_ctrl.c:772]: Client connection established.
Oct 25 23:14:53 home pppd[14173]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x44f186b8> <pcomp> <accomp>]
Oct 25 23:14:53 home pptp[14189]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Oct 25 23:14:53 home pptp[14189]: anon log[ctrlp_disp:pptp_ctrl.c:857]: Received Outgoing Call Reply.
Oct 25 23:14:53 home pptp[14189]: anon log[ctrlp_disp:pptp_ctrl.c:896]: Outgoing call established (call ID 0, peer's call ID 12719).
Oct 25 23:14:53 home pppd[14173]: rcvd [LCP ConfReq id=0x4 <auth chap MD5> <magic 0xeb55370>]
Oct 25 23:14:53 home pppd[14173]: sent [LCP ConfAck id=0x4 <auth chap MD5> <magic 0xeb55370>]
Oct 25 23:14:53 home pppd[14173]: rcvd [LCP ConfReq id=0x5 <auth chap MD5> <magic 0xeb55370>]
Oct 25 23:14:53 home pppd[14173]: sent [LCP ConfAck id=0x5 <auth chap MD5> <magic 0xeb55370>]
Oct 25 23:14:53 home pppd[14173]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x44f186b8> <pcomp> <accomp>]
Oct 25 23:14:53 home pppd[14173]: sent [LCP EchoReq id=0x0 magic=0x44f186b8]
Oct 25 23:14:53 home pppd[14173]: rcvd [CHAP Challenge id=0xd <d4e67d5498a04c0c2ac01e5c04c36c52>, name = "uBR1"]
Oct 25 23:14:53 home pppd[14173]: sent [CHAP Response id=0xd <6f3c3330342ad2767475f9c07b93f764>, name = "zubr"]
Oct 25 23:14:53 home pppd[14173]: rcvd [LCP EchoRep id=0x0 magic=0xeb55370]
Oct 25 23:14:54 home pppd[14173]: rcvd [CHAP Success id=0xd ""]
Oct 25 23:14:54 home pppd[14173]: CHAP authentication succeeded
Oct 25 23:14:54 home pppd[14173]: CHAP authentication succeeded
Oct 25 23:14:54 home pppd[14173]: sent [IPCP ConfReq id=0x1 <compress VJ 0f 01> <addr 0.0.0.0>]
Oct 25 23:14:54 home pppd[14173]: rcvd [IPCP ConfReq id=0x2 <addr 62.192.224.32>]
Oct 25 23:14:54 home pppd[14173]: sent [IPCP ConfAck id=0x2 <addr 62.192.224.32>]
Oct 25 23:14:54 home pppd[14173]: rcvd [IPCP ConfRej id=0x1 <compress VJ 0f 01>]
Oct 25 23:14:54 home pppd[14173]: sent [IPCP ConfReq id=0x2 <addr 0.0.0.0>]
Oct 25 23:14:54 home pppd[14173]: rcvd [IPCP ConfNak id=0x2 <addr 172.30.10.54>]
Oct 25 23:14:54 home pppd[14173]: sent [IPCP ConfReq id=0x3 <addr 172.30.10.54>]
Oct 25 23:14:54 home pppd[14173]: rcvd [IPCP ConfAck id=0x3 <addr 172.30.10.54>]
Oct 25 23:14:54 home pppd[14173]: not replacing existing default route to eth0 [172.18.255.254]
Oct 25 23:14:54 home pppd[14173]: local IP address 172.30.10.54
Oct 25 23:14:54 home pppd[14173]: remote IP address 62.192.224.32
Oct 25 23:14:54 home pppd[14190]: Script /etc/ppp/ip-up started (pid 14194)
Oct 25 23:14:54 home pppd[14190]: Script /etc/ppp/ip-up finished (pid 14194), status = 0x0
|
Т.е. он говорит что все в порядке, хотя из Internet ничего получить не может. Такая фигня.
Кстати привожу странный "route PRINT" в Windows:
| Code: |
===========================================================================
Список интерфейсов
0x1 ........................... MS TCP Loopback interface
0x2 ...00 04 61 00 f6 e0 ...... NVIDIA nForce Networking Controller - ╠шэшяюЁЄ яырэшЁют∙шър яръхЄют
0x20004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 172.18.255.254 172.18.145.42 21
0.0.0.0 0.0.0.0 172.30.10.54 172.30.10.54 1
62.192.227.254 255.255.255.255 172.18.255.254 172.18.145.42 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
172.18.0.0 255.255.0.0 172.18.145.42 172.18.145.42 20
172.18.145.42 255.255.255.255 127.0.0.1 127.0.0.1 20
172.18.255.255 255.255.255.255 172.18.145.42 172.18.145.42 20
172.30.10.54 255.255.255.255 127.0.0.1 127.0.0.1 50
172.30.255.255 255.255.255.255 172.30.10.54 172.30.10.54 50
224.0.0.0 240.0.0.0 172.18.145.42 172.18.145.42 20
224.0.0.0 240.0.0.0 172.30.10.54 172.30.10.54 1
255.255.255.255 255.255.255.255 172.18.145.42 172.18.145.42 1
255.255.255.255 255.255.255.255 172.30.10.54 172.30.10.54 1
Основной шлюз: 172.30.10.54
===========================================================================
Постоянные маршруты:
Отсутствует
|
|
|
| Back to top |
|
|
dmiceman
Tux's lil' helper
Joined: 06 Jun 2005
Posts: 115
|
| Posted: Wed Oct 25, 2006 10:07 pm Post subject: Re: Логи и route в Windows |
|
|
| zubr wrote: | Плохо он реагирует на route add default dev ppp0 - route и ping зависают - выход Ctrl+C.
Когда два дефаултных route то никаких изменений за соответствующим появлением 2-х строчек в выводе route типа:
| Code: |
core-ca-2-0.atk * 255.255.255.255 UH 0 0 0 ppp0
default 172.18.255.254 0.0.0.0 UG 0 0 0 ppp0
|
|
так, а можно в этом месте чуть поподробнее? как выглядит таблица роутинга целиком после того как eth0 поднялся и ppp0 поднялся и ты сделал "ip route del default"? и отдельно -- после того как ты сделал "ip route add default dev ppp0" |
|
| Back to top |
|
|
zubr
n00b
Joined: 28 Apr 2005
Posts: 12
Location: Archangelsk
|
| Posted: Thu Oct 26, 2006 7:49 am Post subject: Уточнение |
|
|
Погорячился насчет зависания зависание route и ping - в этом деле оказывается важна и скорость ручек! Если набираешь команды быстро то получаем вот что:
| Code: |
home init.d # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
core-ca-2-0.atk * 255.255.255.255 UH 0 0 0 eth0
lo0.ubr1.atknet * 255.255.255.255 UH 0 0 0 ppp0
172.18.0.0 * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default 172.18.255.254 0.0.0.0 UG 0 0 0 eth0
home init.d # ip route del default
home init.d # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
core-ca-2-0.atk * 255.255.255.255 UH 0 0 0 eth0
lo0.ubr1.atknet * 255.255.255.255 UH 0 0 0 ppp0
172.18.0.0 * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
home init.d # ip route add default dev ppp0
home init.d # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
213.24.49.129 * 255.255.255.255 UH 0 0 0 eth0
62.192.224.32 * 255.255.255.255 UH 0 0 0 ppp0
172.18.0.0 * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default * 0.0.0.0 U 0 0 0 ppp0
home init.d # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
213.24.49.129 * 255.255.255.255 UH 0 0 0 eth0
172.18.0.0 * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
home init.d #
|
причем route после команды ip route add default dev ppp0 происходит очень медленно - первую строчку нужно ждать секунд пять. Если же все делать неспеша то "правильный" результат выдается сразу:
| Code: |
home init.d # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
core-ca-2-0.atk * 255.255.255.255 UH 0 0 0 eth0
lo0.ubr1.atknet * 255.255.255.255 UH 0 0 0 ppp0
172.18.0.0 * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default 172.18.255.254 0.0.0.0 UG 0 0 0 eth0
home init.d # ip route del default
home init.d # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
213.24.49.129 * 255.255.255.255 UH 0 0 0 eth0
62.192.224.32 * 255.255.255.255 UH 0 0 0 ppp0
172.18.0.0 * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
home init.d # ip route add default dev ppp0
Cannot find device "ppp0"
home init.d # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
213.24.49.129 * 255.255.255.255 UH 0 0 0 eth0
172.18.0.0 * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
home init.d #
|
Думаю что если бы я подождал еще подольше то конечный результат route я увидел бы и после ip route del default. |
|
| Back to top |
|
|
dmiceman
Tux's lil' helper
Joined: 06 Jun 2005
Posts: 115
|
| Posted: Thu Oct 26, 2006 11:28 am Post subject: |
|
|
так, такое впечатление что pptp умирает после отваливания default-а. что в принципе логично.. 
сделай так:
| Code: |
ip route add 62.192.224.32 dev eth0
<поднять pptp>
ip route del default
ip route add default ppp0
|
соль в том что бы соединение с другим концом туннеля происходило по известному маршруту -- по eth0 |
|
| Back to top |
|
|
|
Russian
