Why pfsense/bsd GRE packet has 4 additional bytes and protocol type 0x883e(WCCP)
I'm troubleshooting my mikrotik -> pfsense ipsec/gre vpn, and can't make it work.
I'm following the RFC 1701 and pfsense/freebsd is replying a gre packet with 4 additional bytes and protocol type 0x883e. I think mikrotik don't understand it and drop the packet.
See attachment for decrypted esp packet showing gre protocol type in question.
If "WCCP version" is unchecked on webui, LINK2 shouldn't be enabled on ifconfig right?
That's not the case:
gre0: flags=f051 <up,pointopoint,running,link0,link1,link2,multicast>metric 0 mtu 1476 tunnel inet 184.108.40.206 --> 220.127.116.11 inet 172.16.0.1 --> 172.16.0.11 netmask 0xffffff00 inet6 fe80::250:56ff:fe0a:ebb8%gre0 prefixlen 64 scopeid 0x7 nd6 options=21 <performnud,auto_linklocal></performnud,auto_linklocal></up,pointopoint,running,link0,link1,link2,multicast>
So, I think you have a bug to fix :D
Dropping a note here, as I did in your other thread: It's definitely a problem. I put a fix in 2.3 for it. https://redmine.pfsense.org/issues/6010
It's a fairly simple change, it may apply to 2.2.x directly, if not it's still simple to apply by hand if it's a show-stopper for you, though they are processed correctly at boot time as far as I can see, so adjusting them via ifconfig after creation should be OK for the time being. 2.3 will be out before too long. :-)