My daily readings 11/18/2009

  • tags: PPTP, internet, access

    • Cannot determine ethernet address for proxy ARP

      This is due to an issue with the pppd program, which attempts to find a
      hardware interface on the subnet to which the pppd client has been
      assigned. In this case its looking for a hardware interface on the
      192.168.5.0 subnet. It will fail to find one, and will drop the
      proxyarp request.

      The simplest way around this problem, and the one that is suggested in
      the pppd documentation, is to set the pppd client IP assignment to be on
      the local subnet. An example in this case might be 192.168.56.129.
      However, it may not be possible to do that. In the case of a fully
      loaded subnet, there may not be any addresses to spare. Or there may be
      some security issues with giving out local subnet addresses. What to
      do?

      The place to look is in the arp table. If you run tcpdump on host
      (192.168.56.12) during the time when client is pinging, you will see
      unanswered arp requests from host attempting to find the hardware
      address for 192.168.5.12. You need to proxy the hardware address of the
      pptp_srvr for client in order for this request to be fulfilled. This is
      the job of proxyarp. However, proxyarp has let us down in this
      instance, and we need to find a workaround.

      This can be done manually using the arp command on pptp_srvr. For
      example, if the ethernet card on pptp_srvr is
      eth0, you could force the arp to proxy the client pptp
      address by saying

      	arp --use-device --set 192.168.5.12 eth0 pub
      

      You should now be able to ping from client to host through the pptp
      connection.

  • tags: no_tag

    • Proxy ARP can be used to make the systems with addresses
      130.252.100.18 and 130.252.100.19 appear to be on the upper
      (130.252.100.*) subnet. Assuming that the upper firewall interface is eth0
      and the lower interface is eth1, this is accomplished using the following
      entries in /etc/shorewall/proxyarp:
  • tags: no_tag

    • Even when I’ve connected to a remote pptp server, my PC uses the DNS servers
      assigned by DHCP server.
      So, I can’t resolve the host names on my intranet via DNS…
      What I hope is that, once the pptp connection set-up has been done, the DNS
      servers on the PPP adapter are used by default.

      Any Ideas?

Posted from Diigo. The rest of my favorite links are here.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: