[pptp-server] gre running over ppp or IP?

Scott Stone SStone at taos.com
Wed May 23 12:12:23 CDT 2001


tcpdump is aware of everything from layer 2 packets on up, so yes, it can
see GRE.  It can dump raw ethernet, too.

-----------------------------------------------------
Scott M. Stone <sstone at taos.com>
Senior Technical Consultant - UNIX and Networking
Taos, the Sysadmin Company - Santa Clara, CA


-----Original Message-----
From: Ismandy Ali [mailto:ismandya at sains.com.my]
Sent: Tuesday, May 22, 2001 6:48 PM
To: Justin Kreger
Cc: pptp-server at lists.schulte.org
Subject: Re: [pptp-server] gre running over ppp or IP?


Is this means that tcpdump() is not really aware of the presence of GRE,
which
makes me does n't get meaningful info when the packets is encountered?

This is the output of my /var/log/pptpd.log  which occured at the same time
with my tcpdump output form my GRE

/var/log/pptpd.log
May 22 16:47:29 kgsnt3 pppd[601]: sent [LCP ConfReq id=0x1 <asyncmap 0x0>
<auth chap 81> <magic 0xdbf1f32e> <pcomp> <accomp>]
May 22 16:47:29 kgsnt3 pppd[601]: Timeout 0x80503d4:0x80784c0 in 3 seconds.

with tcpdump -i eth0 -n proto 47 or port 1723

16:47:29.904470 > gre-proto-0x880B (gre encap) - this once occured 9 times

Can I see other people's tcpdump output of a working pptpd server?


Justin Kreger wrote:

> The ppp session is inside the gre tunnel, which is encapsulated in IP.  As
> for your request time outs, you may not have pppd setup to be the server,
> it may think its a client... along with your client.
>
> Justin Kreger, MCP MCSE CCNA
> jkreger at earthling.2y.net jwkreger at uncg.edu jkreger at aristotle.wss.net
>
> On Wed, 23 May 2001, Ismandy Ali wrote:
>
> > Hi all,
> >
> > I know that  the pptpd needs port 1723 and protocol 47 to work.
> >
> > I followed the howto from http://www.vibres.com/pptpd/example.html
> > -------------------
> > ppp-2.3.11.tar.gz
> > Apply ppp-2.3.11-openssl-0.9.5-mppe.patch.gz patch to ppp-2.3.11
> > Apply ppp_mppe_compressed_data_fix.diff patch to the
> > ppp-2.3.11/linux/ppp_mppe.c file (after the openssl-mppe patch is
> > applied)
> > if_ppp_2.2.17.diff (used to patch the Linux source after ppp-2.3.11
> > makes it's changes)
> > pptpd-1.1.2.tar.gz
> > kernel linux-2.2.17.tar.gz
> > ----------------------
> >
> > In our pptpd, correct me if I am wrong, should the GRE is encapsulated
> > and running over IP. But based from the the output captured by my
> > tcpdump, it seems that  GRE   is not running over IP, instead it is
> > running over PPP(0x880B). So is this the correct way of pptpd works?
> >
> > My pptpd does n't works, and it gives me  "LCP: timeout sending
> > Config-Requests" inside my logs file,and from the FAQ, is says that this
> > problem  occured due to the filtering on the firewall. I don't think it
> > is be the problem since we does n't implement any form of filtering in
> > our network.
> >
> > Any idea what cause such problem?
> >
> >
> >  #tcpdump -i eth0 -n proto 47 or port 1723
> >
> > 17:44:48.199173 < 161.142.45.174.1553 > 161.184.155.230.1723: S
> > 10498228:10498228(0) win 8192 <mss 536,nop,nop,sackOK> (DF)
> > 17:44:48.199310 > 161.184.155.230.1723 > 161.142.45.174.1553: S
> > 3073208334:3073208334(0) ack 10498229 win 32696 <mss 536,nop,nop,sackOK>
> > (DF)
> > 17:44:48.483929 < 161.142.45.174.1553 > 161.184.155.230.1723: . 1:1(0)
> > ack 1 win 8576 (DF)
> > 17:44:48.526568 < 161.142.45.174.1553 > 161.184.155.230.1723: P
> > 1:157(156) ack 1 win 8576 (DF)
> > 17:44:48.526611 > 161.184.155.230.1723 > 161.142.45.174.1553: . 1:1(0)
> > ack 157 win 32540 (DF)
> > 17:44:48.526916 > 161.184.155.230.1723 > 161.142.45.174.1553: P
> > 1:157(156) ack 157 win 32696 (DF)
> > 17:44:48.880168 < 161.142.45.174.1553 > 161.184.155.230.1723: P
> > 157:325(168) ack 157 win 8420 (DF)
> > 17:44:48.884505 > 161.184.155.230.1723 > 161.142.45.174.1553: P
> > 157:189(32) ack 325 win 32696 (DF)
> > 17:44:48.889345 > gre-proto-0x880B (gre encap)
> > 17:44:49.298740 < 161.142.45.174.1553 > 161.184.155.230.1723: .
> > 325:325(0) ack 189 win 8388 (DF)
> > 17:44:51.894451 > gre-proto-0x880B (gre encap)
> > 17:44:54.904470 > gre-proto-0x880B (gre encap)
> > 17:44:57.914381 > gre-proto-0x880B (gre encap)
> > 17:45:00.924388 > gre-proto-0x880B (gre encap)
> > 17:45:03.934683 > gre-proto-0x880B (gre encap)
> >
> > p/s: I learn tcpdump from  problem, it is fun, and I need people to ask.
> > Not that I am dunnot know, but I am not sure.
> >
> > Kukulkan
> >
> >
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > List services provided by www.schulteconsulting.com!
> >

_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
List services provided by www.schulteconsulting.com!



More information about the pptp-server mailing list