[pptp-server] gre running over ppp or IP?
Scott Stone
SStone at taos.com
Tue May 22 19:43:50 CDT 2001
actually you're using IP encapsulated in PPP encapsulated in GRE :) ... GRE
is a transport layer protocol (or at least acts like one) which is usually
seen in /etc/protocols. ie, GRE is to IP what TCP is to IP. Then again,
ICMP is listed in /etc/protocols, too, and it acts like a transport layer
protocol, but its RFC specifies network layer. bah!
Anyway, GRE transport is used for the tunnel, then a point-to-point link is
established through the GRE tunnel, and IP is run over that.
-----------------------------------------------------
Scott M. Stone <sstone at taos.com>
Senior Technical Consultant - UNIX and Networking
Taos, the Sysadmin Company - Santa Clara, CA
-----Original Message-----
From: Ismandy Ali [mailto:ismandya at sains.com.my]
Sent: Tuesday, May 22, 2001 5:17 PM
To: pptp-server at lists.schulte.org; phil at vibrationresearch.com
Subject: [pptp-server] gre running over ppp or IP?
Hi all,
I know that the pptpd needs port 1723 and protocol 47 to work.
I followed the howto from http://www.vibres.com/pptpd/example.html
-------------------
ppp-2.3.11.tar.gz
Apply ppp-2.3.11-openssl-0.9.5-mppe.patch.gz patch to ppp-2.3.11
Apply ppp_mppe_compressed_data_fix.diff patch to the
ppp-2.3.11/linux/ppp_mppe.c file (after the openssl-mppe patch is
applied)
if_ppp_2.2.17.diff (used to patch the Linux source after ppp-2.3.11
makes it's changes)
pptpd-1.1.2.tar.gz
kernel linux-2.2.17.tar.gz
----------------------
In our pptpd, correct me if I am wrong, should the GRE is encapsulated
and running over IP. But based from the the output captured by my
tcpdump, it seems that GRE is not running over IP, instead it is
running over PPP(0x880B). So is this the correct way of pptpd works?
My pptpd does n't works, and it gives me "LCP: timeout sending
Config-Requests" inside my logs file,and from the FAQ, is says that this
problem occured due to the filtering on the firewall. I don't think it
is be the problem since we does n't implement any form of filtering in
our network.
Any idea what cause such problem?
#tcpdump -i eth0 -n proto 47 or port 1723
17:44:48.199173 < 161.142.45.174.1553 > 161.184.155.230.1723: S
10498228:10498228(0) win 8192 <mss 536,nop,nop,sackOK> (DF)
17:44:48.199310 > 161.184.155.230.1723 > 161.142.45.174.1553: S
3073208334:3073208334(0) ack 10498229 win 32696 <mss 536,nop,nop,sackOK>
(DF)
17:44:48.483929 < 161.142.45.174.1553 > 161.184.155.230.1723: . 1:1(0)
ack 1 win 8576 (DF)
17:44:48.526568 < 161.142.45.174.1553 > 161.184.155.230.1723: P
1:157(156) ack 1 win 8576 (DF)
17:44:48.526611 > 161.184.155.230.1723 > 161.142.45.174.1553: . 1:1(0)
ack 157 win 32540 (DF)
17:44:48.526916 > 161.184.155.230.1723 > 161.142.45.174.1553: P
1:157(156) ack 157 win 32696 (DF)
17:44:48.880168 < 161.142.45.174.1553 > 161.184.155.230.1723: P
157:325(168) ack 157 win 8420 (DF)
17:44:48.884505 > 161.184.155.230.1723 > 161.142.45.174.1553: P
157:189(32) ack 325 win 32696 (DF)
17:44:48.889345 > gre-proto-0x880B (gre encap)
17:44:49.298740 < 161.142.45.174.1553 > 161.184.155.230.1723: .
325:325(0) ack 189 win 8388 (DF)
17:44:51.894451 > gre-proto-0x880B (gre encap)
17:44:54.904470 > gre-proto-0x880B (gre encap)
17:44:57.914381 > gre-proto-0x880B (gre encap)
17:45:00.924388 > gre-proto-0x880B (gre encap)
17:45:03.934683 > gre-proto-0x880B (gre encap)
p/s: I learn tcpdump from problem, it is fun, and I need people to ask.
Not that I am dunnot know, but I am not sure.
Kukulkan
_______________________________________________
pptp-server maillist - pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
List services provided by www.schulteconsulting.com!
More information about the pptp-server
mailing list