From: James C. <jam...@hp...> - 2005-12-12 00:04:22
|
G'day Tom, The logs show normal PPTP control connection, but abnormal data connection. There are GRE packets from the server to the client, but no packets the other way. On Sun, Dec 11, 2005 at 11:43:19PM +0000, Tom Jobbins wrote: > 23:32:05.016437 IP server.com > myclient.com: call 0 seq 0 gre-ppp-payload > 23:32:05.102729 IP myclient.com.64891 > server.com.pptp: . ack 189 win > 32844 <nop,nop,timestamp 17148851 1076103687> > 23:32:06.994454 IP server.com > myclient.com: call 0 seq 1 gre-ppp-payload > 23:32:09.028117 IP server.com > myclient.com: call 0 seq 2 gre-ppp-payload > 23:32:11.052286 IP server.com > myclient.com: call 0 seq 3 gre-ppp-payload > 23:32:13.038069 IP server.com > myclient.com: call 0 seq 4 gre-ppp-payload > 23:32:15.033700 IP server.com > myclient.com: call 0 seq 5 gre-ppp-payload > 23:32:17.042618 IP server.com > myclient.com: call 0 seq 6 gre-ppp-payload > 23:32:19.053540 IP server.com > myclient.com: call 0 seq 7 gre-ppp-payload > 23:32:21.063622 IP server.com > myclient.com: call 0 seq 8 gre-ppp-payload > 23:32:23.073167 IP server.com > myclient.com: call 0 seq 9 gre-ppp-payload Eventually it times out and shuts down the connection. So the next step in diagnosis is to follow the path of these GRE packets. Normally they would be received by the pptp process on a raw socket, then handed to the PPP implementation. http://pptpclient.sourceforge.net/diagrams.phtml shows some of the underlying architecture which shouldn't be too different on FreeBSD. The next logical place to look for activity is the data stream between the pptp process and the PPP implementation. On Linux, I'd use strace on the pptp process to prove whether it is receiving the GRE packets that show up on the tcpdump. I don't know if you have a suitable tool on FreeBSD. There are two pptp processes for the connection. One handles the control connection, and the other handles the data connection acting as a relay between the GRE packets and the PPP program. On Linux, I'd use lsof to identify which process is which. I'd also use lsof on the PPP program to ensure it has the socket open that connects it to pptp. > I just can't connect to a PPTP server running under m0n0wall, or one > that is part of an embedded Linux router device. Perhaps the packets are sufficiently different that they are improperly handled. We've seen that sort of thing before. -- James Cameron http://quozl.netrek.org/ HP Open Source, Volunteer http://opensource.hp.com/ PPTP Client Project, Release Engineer http://pptpclient.sourceforge.net/ |