From owner-FreeBSD-net-jp@jp.FreeBSD.org Fri Aug  2 12:28:01 2002
Date: Fri, 02 Aug 2002 12:27:40 +0900
From: Koji Uchiyama <uchiyama@pp.iij4u.or.jp>
To: FreeBSD-net-jp@jp.FreeBSD.org
In-Reply-To: <20020801140400.GB75523%ginga@ginganet.org>
References: <sld6t64uk4.fsf@belldandy.vsp.cpg.sony.co.jp> <20020801140400.GB75523%ginga@ginganet.org>
Message-Id: <20020802122729.8E0D.UCHIYAMA@pp.iij4u.or.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.05.03
Reply-To: FreeBSD-net-jp@jp.FreeBSD.org
Precedence: list
X-Sequence: FreeBSD-net-jp 3771
Subject: [FreeBSD-net-jp 3771] Re: ipfw + vtun (Re: Connecting with vtund using ordinary IP addresses (unnumbered routing?))


$BFb;3(B <uchiyama@pp.iij4u.or.jp> $B$H?=$7$^$9!#(B


On Thu, 1 Aug 2002 23:04:00 +0900
Kawaguti Ginga <ginga-freebsd@ginganet.org> wrote:

> $B$G!$0l=V!$(Bipfw $B$rA4(B open (/etc/rc.firewall open)$B$K$7$F$_$k$H(B
> ping $B$K$7$m!$(Bssh $B$K$7$m(B vtun $B7PM3$GLdBj$J$/@\B3$G$-$k$N$G$9$,!$(B
> $B<+J,$N(B ipfw config $B$G$O$&$^$/DL$8$^$;$s!%(B

> vtun $B$N%Q%1%C%H$r(B ipfw $B$GA4DL$7$9$k$K$O(B $B$I$N$h$&$J%k!<%k$r(B
> $B=q$1$PNI$$$N$G$7$g$&$+(B($B$H$$$&$+!$(Bvia tun0 $B$G0z$C3]$+$i$J$$M}M3$,J,$+$j$^$;$s(B)

$B$O$:$7$F$$$k$+$b$7$l$^$;$s$,(B
$B!V(Bipfw $B$rA4(B open $B$J>uBV$G$O!"<B$O(B vtun $B$r7PM3$7$J$$$G7R$,$C$F$$$?!W(B
$B$H$$$&2DG=@-$O$"$j$^$;$s$G$7$g$&$+!)(B

ipfw $B$rA4(B open $B$K$7$?>uBV$G(B

- $B%M%C%H%o!<%/9=@.?^(B
- /etc/rc.conf ($B$N(B IP $B%"%I%l%9$d7PO)@_Dj$K4X$9$kItJ,(B)
- vtund.conf
- vtun $B$r5/F0$9$k(B script (cliant $BB&$G;XDj$7$?(B server address $B$O!)(B)
- netstat -rn $B$N7k2L(B
- ifconfig -u $B$N7k2L(B

$B$r$"$i$?$a$FDs<($7$F$$$?$@$/$H(B
$BE,@Z$J%3%a%s%H$rF@$i$l$k2DG=@-$,9b$$$h$&$K;W$$$^$9!#(B


># server:

>  up {
>        ifconfig "%d inet 192.168.220.9 192.168.220.10 netmask 255.255.255.248";
>        route "add -net 192.168.220.8/29 -interface %d";
>  };

>#client:

>  up {
>        ifconfig "%d inet 192.168.220.10 192.168.220.9 netmask 255.255.255.248";
>        route "add -net 192.168.220.8/29 -interface %d";
>  };

It is hard to read without addresses, so let me assign some provisional ones:

- IP address of the vtun server       v.v.v.1
- network of the vtun server          n.n.n.0/24
- IP address of the vtun client       u.u.u.1
- network of the vtun client          m.m.m.0/24

# "Network of the vtun server" and "network of the vtun client"
# are vague expressions, but please bear with me.

The "add -net 192.168.220.8/29 -interface %d" part
seems to set up the route for
"the (virtual) network between vtun server <---> vtun client",
but where are the routes for n.n.n.0/24 and m.m.m.0/24
configured?
(For example, written in /etc/rc.conf, or written in vtund.conf.)

vtun $B%5!<%PB&$G$O(B
route add -net  m.m.m.0 netmask 0xffffff00 -interface tun0
vtun $B%/%i%$%"%s%HB&$G$O(B
route add -net  n.n.n.0 netmask 0xffffff00 -interface tun0
$B$_$?$$$J@_Dj$,I,MW$H;W$$$^$9!#(B

v.v.v.1 $B$,(B n.n.n.0/24 $B$K4^$^$l$k>l9g$d(B
u.u.u.1 $B$,(B m.m.m.0/24 $B$K4^$^$l$k>l9g$O(B
vtun $B%5!<%PB&$G$O(B
route add -host u.u.u.1 ${defaultrouter}
vtun $B%/%i%$%"%s%HB&$G$O(B
route add -host v.v.v.1 ${defaultrouter}
$B$_$?$$$J(B HOST $B7PO)$bDI2C$GI,MW$H;W$$$^$9!#(B
$B$3$N(B HOST $B7PO)$rK:$l$k$H!"(B
$B=EB<K!9n$5$s$,$*$C$7$c$k(B
|	$B;d$b$h$/$O$^$j$^$7$?$,(B, vtun $B$J%Q%1%C%H$rAw$k$N$K(B vtun $B7PM3!D(B
|	$B$H$$$&@_Dj$K8+$($^$9!#(B
$B$H$$$&>uBV$K$J$k$N$G$O$J$$$+$H;W$$$^$9!#(B


$BD9!9$H=q$-$^$7$?$,!"$O$:$7$F$$$?$i$4$a$s$J$5$$!#(B

--
Koji Uchiyama <uchiyama@pp.iij4u.or.jp>
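
The host-route point in the message above can be checked with a small longest-prefix-match model of the client's routing table. This is an added example, not part of the original message; the concrete addresses are constructed stand-ins for the v.v.v.1 and n.n.n.0/24 placeholders and for ${defaultrouter}.

```python
import ipaddress

# Constructed values standing in for the placeholders used in the message.
SERVER_IP = "203.0.113.1"          # v.v.v.1, which lies inside n.n.n.0/24
SERVER_NET = "203.0.113.0/24"      # n.n.n.0/24
DEFAULT_ROUTER = "198.51.100.254"  # ${defaultrouter} on the client


def build_table(routes):
    """Turn (prefix, next hop) string pairs into parsed networks."""
    return [(ipaddress.ip_network(net), hop) for net, hop in routes]


def lookup(table, dst):
    """Longest-prefix match: next hop or interface for dst, None if no route."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in table if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


# Client routing table after the tunnel comes up and the server-side
# network has been routed into it.
CLIENT_WITHOUT_HOST_ROUTE = [
    ("0.0.0.0/0", DEFAULT_ROUTER),
    ("192.168.220.8/29", "tun0"),  # route from the "up" block
    (SERVER_NET, "tun0"),          # route add -net n.n.n.0 ... -interface tun0
]

# Same table plus: route add -host v.v.v.1 ${defaultrouter}
CLIENT_WITH_HOST_ROUTE = CLIENT_WITHOUT_HOST_ROUTE + [
    (SERVER_IP + "/32", DEFAULT_ROUTER),
]


def tunnel_loops(routes):
    """True if the encapsulated vtun packets would be sent back into tun0."""
    return lookup(build_table(routes), SERVER_IP) == "tun0"


if __name__ == "__main__":
    for name, routes in (("without host route", CLIENT_WITHOUT_HOST_ROUTE),
                         ("with host route", CLIENT_WITH_HOST_ROUTE)):
        print(name, "-> carrier traffic loops into tun0:", tunnel_loops(routes))
```
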

