Weird "route add" issue with PPP over ssh linux 2.2.15

Weird "route add" issue with PPP over ssh linux 2.2.15

Post by Stephen Baxte » Sun, 14 Jan 2001 06:34:05



Hello,

We have recently configured a VPN tunnel between two locations using ssh
and PPP. This is all fine and the point to point link comes up no worries
at all.
The real problem lies in the fact that as soon as I try to add a route
automatically using ip-up the point to point link stops responding until I
remove the route.

The command I am using to do this is :

/usr/sbin/pppd nodetach debug noccp user blah pty 'ssh -t \

I use no detach to get easy access to the debug data - the problem is
identical if I remove nodetach and the debug.

The ip-up script looks like :

#!/bin/bash

/sbin/route add -net a.b.c.0/23 dev $1

The route is successfully added but as soon as the route is present the
PPP link will not even pass LCP echo. If I remove the route after a few
seconds (up to 30) the PPP link comes alive again. The problem is the same
if I use a network that emcompasses the PPP link addresses or not.

Now the weird thing is that if I manually add the routes with
"route add -net a.b.c.0/23 dev ppp0" then it does not happen - all is
fine and dandy !

Is this a known issue as I was looking around the net from a google search
and found a refernce to a Linux VPN howto that reccommended that you build
a minutely run cron script to add routes. This VPN doc outlined how to do
what we had done anyhow but I found it strange that it did not use ip-up
to add routes !

Any help greatly appreciated.

Other details are :

Linux 2.2.15
Slackware
ipchains in but no details of packets being blocked (log option used !)
pppd version 2.3.10

PS. the other end is freebsd but the drama only occurs when I add the
route from my end so I am figuring a linux bug.

--
Stephen Baxter             SE Network Access/Big Networks Australia
phone : +61 8 8221 5221    222 Grote Street
fax   : +61 8 8221 5220    Adelaide 5000, Australia

 
 
 

Weird "route add" issue with PPP over ssh linux 2.2.15

Post by James Carlso » Thu, 18 Jan 2001 02:02:23



> /usr/sbin/pppd nodetach debug noccp user blah pty 'ssh -t \

> I use no detach to get easy access to the debug data - the problem is
> identical if I remove nodetach and the debug.

> The ip-up script looks like :

> #!/bin/bash

> /sbin/route add -net a.b.c.0/23 dev $1

Is it possible that "a.b.c.0/23" subnetwork includes
server.blahsville.com.au?  If so, then you're trying to encapsulate
PPP over ssh over PPP over ssh over PPP over ....

Quote:> Now the weird thing is that if I manually add the routes with
> "route add -net a.b.c.0/23 dev ppp0" then it does not happen - all is
> fine and dandy !

That is odd.  What appears in the kernel forwarding tables in each
case?  (Use "route -n" to display this.)

What appears in the debug logs?

--

SUN Microsystems / 1 Network Drive         71.234W   Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757   42.497N   Fax +1 781 442 1677
Second Edition now available - http://people.ne.mediaone.net/carlson/ppp

 
 
 

Weird "route add" issue with PPP over ssh linux 2.2.15

Post by Stephen Baxte » Thu, 18 Jan 2001 07:14:24


Quote:> > #!/bin/bash

> > /sbin/route add -net a.b.c.0/23 dev $1

> Is it possible that "a.b.c.0/23" subnetwork includes
> server.blahsville.com.au?  If so, then you're trying to encapsulate
> PPP over ssh over PPP over ssh over PPP over ....

The point ot point link has two address that incorporate the route I am
trying to add.

server = a.b.c.41/32
client = a.b.c.84/32

route add -net a.b.c.0/23 dev $1

We have also tried adding a supernet route that does not include the point
to point addresses and it seems to have the same effect on the link. One
late night I got tired and use tried an "echo $1":"$2...(etc all args) >
/tmp/file" and it froze the link as well - I think - it was late and I was
tired :-)

Quote:> > Now the weird thing is that if I manually add the routes with
> > "route add -net a.b.c.0/23 dev ppp0" then it does not happen - all is
> > fine and dandy !

> That is odd.  What appears in the kernel forwarding tables in each
> case?  (Use "route -n" to display this.)

Yep - we compared those both and there was no difference between the
manual and auto methods.

Quote:> What appears in the debug logs?

It all looks normal. I have not cranked up the debug level any further.
I am putting this down to a kernel bug  and will install a 2.4 in the next
week and see if that make life better or worse !

--
Stephen Baxter             SE Network Access/Big Networks Australia
phone : +61 8 8221 5221    222 Grote Street
fax   : +61 8 8221 5220    Adelaide 5000, Australia

 
 
 

Weird "route add" issue with PPP over ssh linux 2.2.15

Post by James Carlso » Thu, 18 Jan 2001 21:19:32



> The point ot point link has two address that incorporate the route I am
> trying to add.

> server = a.b.c.41/32
> client = a.b.c.84/32

> route add -net a.b.c.0/23 dev $1

That's not the question I asked.  Does the address to which ssh is
connecting (server.blahsville.com.au in your example) lie within the
a.b.c.0/23 subnet?  (Since the addresses you gave aren't real, I can't
check myself.)

If it is within that subnet, then you may need a hardwired host route
to server.blahsville.com.au so that packets to that particular address
continue to go through the real network interface rather than your
ppp0 tunnel.

Quote:> Yep - we compared those both and there was no difference between the
> manual and auto methods.

Seeing that output would have been helpful.

Quote:> It all looks normal. I have not cranked up the debug level any further.
> I am putting this down to a kernel bug  and will install a 2.4 in the next
> week and see if that make life better or worse !

Hmm.  I guess I would have played with the debug levels myself, and
would have *posted* the actual logs rather than summarizing them.
Good luck, though.

--

SUN Microsystems / 1 Network Drive         71.234W   Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757   42.497N   Fax +1 781 442 1677
Second Edition now available - http://people.ne.mediaone.net/carlson/ppp

 
 
 

Weird "route add" issue with PPP over ssh linux 2.2.15

Post by stev » Sat, 20 Jan 2001 20:26:50


James,

Bingo !

Thanks for that. Of course !

Just changed it and all is good :-)

SB



> > The point ot point link has two address that incorporate the route I am
> > trying to add.

> > server = a.b.c.41/32
> > client = a.b.c.84/32

> > route add -net a.b.c.0/23 dev $1

> That's not the question I asked.  Does the address to which ssh is
> connecting (server.blahsville.com.au in your example) lie within the
> a.b.c.0/23 subnet?  (Since the addresses you gave aren't real, I can't
> check myself.)

> If it is within that subnet, then you may need a hardwired host route
> to server.blahsville.com.au so that packets to that particular address
> continue to go through the real network interface rather than your
> ppp0 tunnel.

> > Yep - we compared those both and there was no difference between the
> > manual and auto methods.

> Seeing that output would have been helpful.

> > It all looks normal. I have not cranked up the debug level any further.
> > I am putting this down to a kernel bug  and will install a 2.4 in the next
> > week and see if that make life better or worse !

> Hmm.  I guess I would have played with the debug levels myself, and
> would have *posted* the actual logs rather than summarizing them.
> Good luck, though.

> --

> SUN Microsystems / 1 Network Drive         71.234W   Vox +1 781 442 2084
> MS UBUR02-212 / Burlington MA 01803-2757   42.497N   Fax +1 781 442 1677
> Second Edition now available - http://people.ne.mediaone.net/carlson/ppp

 
 
 

Weird "route add" issue with PPP over ssh linux 2.2.15

Post by stev » Sat, 20 Jan 2001 20:27:34


James,

Bingo !

Thanks for that. Of course !

Just changed it and all is good :-)

SB



> > The point ot point link has two address that incorporate the route I am
> > trying to add.

> > server = a.b.c.41/32
> > client = a.b.c.84/32

> > route add -net a.b.c.0/23 dev $1

> That's not the question I asked.  Does the address to which ssh is
> connecting (server.blahsville.com.au in your example) lie within the
> a.b.c.0/23 subnet?  (Since the addresses you gave aren't real, I can't
> check myself.)

> If it is within that subnet, then you may need a hardwired host route
> to server.blahsville.com.au so that packets to that particular address
> continue to go through the real network interface rather than your
> ppp0 tunnel.

> > Yep - we compared those both and there was no difference between the
> > manual and auto methods.

> Seeing that output would have been helpful.

> > It all looks normal. I have not cranked up the debug level any further.
> > I am putting this down to a kernel bug  and will install a 2.4 in the next
> > week and see if that make life better or worse !

> Hmm.  I guess I would have played with the debug levels myself, and
> would have *posted* the actual logs rather than summarizing them.
> Good luck, though.

> --

> SUN Microsystems / 1 Network Drive         71.234W   Vox +1 781 442 2084
> MS UBUR02-212 / Burlington MA 01803-2757   42.497N   Fax +1 781 442 1677
> Second Edition now available - http://people.ne.mediaone.net/carlson/ppp

 
 
 

1. Feedback on 2.2.15 (wasRe: Kernel Stable: 2.2.15pre4 )

I've been trying the 2.2.15 prereleases, and so far they seem great.
2.2.15 pre 4 (subjectively speaking) made my system much zippier
than 2.2.13/4 and 2.2.15 pre 5 which I built last night, feels
faster still (and apparently has some rather neat debug code to
trap bad application memory use/kernel bugs).

So overall I'm very pleased. Many thanks to Alan and the guys who've
been working on the VM stuff. It feels great for me.

BTW I'm running this on Mandrake 6.1, Cyrix 6x86 MX 300, 64MB RAM.

Like I say, 2.2.15 feels like it's shaping up to be the best 2.2 kernel
yet by a significant margin (to me at least!)
Mike



Sent via Deja.com http://www.deja.com/
Before you buy.

2. recvmsg system call

3. differences among "ssh", "rlogin" and "telnet"

4. Bootloader Question

5. How do I fetch PPP stats in Kernel 2.2.15?

6. Unix newbie question.

7. GETSERVBYNAME()????????????????????"""""""""""""

8. DNS and IP MASQ

9. porting kernel module from linux 2.2.15 to linux 2.4.2

10. """"""""My SoundBlast 16 pnp isn't up yet""""""""""""

11. Emacs 19.34 on linux 2.2.15

12. MDK 7.1 - linux 2.2.15-4 - iproute ??

13. AWE64, Debian 2.1, Linux 2.2.15 - device busy error