Re: Testing IP Tunnel (IPIP) on Private Network

Linux Advanced Routing and Traffic Control

Hi,

Now I get my chance to look at this approach again.

I took a look at your diagram, I have got questions:-

(1) For Router A, eth0 is xxx.yyy.zzz.ttt, eth1 192.168.1.1/24.
So, which interface holds the IP of 192.168.3.1/30?

Same as Router B...

(2) For Router B, eth0 is bbb.ccc.ddd.eee, eth1 192.168.2.1/24.
So, which interface holds the IP of 192.168.3.2/30?

Please advise.

Thank you.
Calvin

----- Original Message -----
From: "Claudiu Pruna" <claudiu@xxxxxxxxxx>
To: "kaiwen" <cal_kaiwen@xxxxxxxxxxx>
Sent: Monday, February 16, 2004 4:52 PM
Subject: Re:  Testing IP Tunnel (IPIP) on Private Network


> The point is that I am not sure that tunneling will cross NAT, if the
> middle router is doing NAT for your LAN; if it does, then I suggest
> using another kind of tunneling, like OpenVPN, which you can find at
> http://openvpn.sf.net. What I want to say is that the best for you is to
> have both ends of the tunnel on routers with routable IPs. So let's
> consider this:
>
>
>     192.168.1.1/24  xxx.yyy.zzz.ttt         bbb.ccc.ddd.eee
>           eth1                                              eth1
> +-----+   +----------+ eth0                   eth0+----------+   +-----+
> | Lan1|<->| Router A | <========================> | Router B |<->|LAN 2|
> +-----+   +----------+        INTERNET            +----------+   +-----+
>                                                           192.168.2.1/24
>                ^                                       ^
>                |       IPIP Tunnel                     |
>                +=======================================+
>           192.168.3.1/30                           192.168.3.2/30
>
>
> On router A:
> ip tunnel add mylan local xxx.yyy.zzz.ttt remote bbb.ccc.ddd.eee ttl 255
> ip address add 192.168.3.1 peer 192.168.3.2 dev mylan
> ip link set mylan up
> ip route add 192.168.2.0/24 via 192.168.3.2
>
>
> On router B:
> ip tunnel add mylan local bbb.ccc.ddd.eee remote xxx.yyy.zzz.ttt ttl 255
> ip address add 192.168.3.2 peer 192.168.3.1 dev mylan
> ip link set mylan up
> ip route add 192.168.1.0/24 via 192.168.3.1
>
>
>
> The idea is that the newly created interfaces (tunnel ends) have their IP
> addresses, which are used as gateways to reach the other end's LAN.
>
>
>
> If you don't have root access on Router B, then the solution left is
> another router (Router C) between Router B and LAN 2. And here you have
> two cases:
>
> 1) If Router C will have a routable IP address, then everything is as
> above, but you do all the mess on Router C instead of Router B.
>
> 2) If Router C is behind NAT, then you sure do have to check on OpenVPN
> or some other kind of tunneling that works on sockets and which passes
> through NAT, and considering you use OpenVPN, on Router A use the
> "--float" option and don't specify a remote address.
>
>
> That's about it.
>
> Bye
>
>
> On Fri, 2004-02-13 at 12:27, kaiwen wrote:
> > Hi,
> >
> > Hmmm, I will go on testing with Network Diagram B, where there is a
> > presence of a third router.
> > My first try on testing shows failure. I can see activity in Tx, but not
> > Rx.
> >
> > Question:
> > (1) If it is a Tunnel, is setting up proper route between those routers
> > important?
> >
> > Sorry for the late reply, was busy with some other stuff. Will get back
> > with any new findings :)
> >
> > Thank you
> > Calvin
> >
> > ----- Original Message -----
> > From: "Claudiu Pruna" <claudiu@xxxxxxxxxx>
> > To: <cal_kaiwen@xxxxxxxxxxx>
> > Cc: <lartc@xxxxxxxxxxxxxxx>
> > Sent: Tuesday, February 10, 2004 3:00 PM
> > Subject:  Testing IP Tunnel (IPIP) on Private Network
> >
> >
> > > The problem is that each router on each end of a tunnel is
> > > decapsulating the IP packets received from its tunnel peer end, so if
> > > you can configure only one router, there is no one to decapsulate the
> > > tunneling information received from Router A. A good try for you
> > > should be trying a third router as you have mentioned, behind the
> > > router you don't have access to.
> > >
> > > Hi,
> > >
> > > Does IP Tunnel (IPIP) work on a Private Network?
> > >
> > > I read some howtos; most networks which implement IP Tunnel (IPIP) are as
> > > below:-
> > >
> > > (LAN) Router A ----- Internet ------- Router B (LAN)
> > >
> > > (1) IP Tunnel is built up from Router A to Router B
> > > (2) Host behind Router A can communicate with host behind Router B
> > >
> > > Looking at this network, I have to configure 2 Routers, both use
> > > different Gateways to the Internet.
> > > The problem is, I have access to only one Router. :(
> > >
> > >
> > >
> > > Can I simulate IP Tunnel using the following Network?
> > >
> > > (LAN) Router A ----- Router C ------- Router B (LAN)
> > >
> > > (1) All routers are on a Private Network
> > > (2) Using 3 Routers, I can segment 3 networks
> > > (3) IP Tunnel is built from Router A to Router B
> > >
> > > Please advise. Let me know if I got the IP Tunnel (using IPIP) concept
> > > wrong.
> > > I tried on the second network diagram using "ip tunnel" and "ip route",
> > > but it is not working.
> > >
> > > Thank you,
> > > Calvin
> > > --
> > > Claudiu Pruna <claudiu@xxxxxxxxxx>
> > >
> > >
> --
> Claudiu Pruna
> GPS Birotic SRL
> Network Administrator
> mail: claudiu.pruna@xxxxxxxxx
> web: http://www.gpsnet.ro
> tel: +40.21.231.59.79
> fax: +40.21.231.59.78
> mobil: +40.0723.63.89.89
>
>
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
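
Added example, not part of the original thread or written by its participants: a Python sketch of what the two IPIP endpoints in the diagram do to a packet, showing that the outer header carries IP protocol 4 with no TCP/UDP ports and that only the configured peer can unwrap it. The public addresses are documentation-range stand-ins for the masked xxx.yyy.zzz.ttt and bbb.ccc.ddd.eee, and the LAN host addresses and payload are constructed.

```python
import ipaddress
import struct

IPPROTO_IPIP = 4  # IANA protocol number for IPv4-in-IPv4
ROUTER_A = "203.0.113.1"   # assumed stand-in for xxx.yyy.zzz.ttt
ROUTER_B = "198.51.100.1"  # assumed stand-in for bbb.ccc.ddd.eee

def checksum(hdr: bytes) -> int:
    """One's-complement checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src, dst, proto, payload, ttl=64):
    """Build an option-less IPv4 packet around payload."""
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl,
                       proto, 0, ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)
    return head[:10] + struct.pack("!H", checksum(head)) + head[12:] + payload

def parse(pkt):
    """Return (src, dst, proto, payload); reject malformed headers."""
    if len(pkt) < 20 or pkt[0] != 0x45 or checksum(pkt[:20]) != 0:
        raise ValueError("not a valid option-less IPv4 packet")
    total_len = struct.unpack("!H", pkt[2:4])[0]
    src, dst = (str(ipaddress.IPv4Address(pkt[i:i + 4])) for i in (12, 16))
    return src, dst, pkt[9], pkt[20:total_len]

def encapsulate(inner, local, remote, ttl=255):
    """Transmit side of the tunnel device: wrap the whole inner packet."""
    return ipv4(local, remote, IPPROTO_IPIP, inner, ttl)

def decapsulate(outer, local, remote):
    """Receive side: return the inner packet, or None if this host is not
    the configured endpoint for it."""
    src, dst, proto, payload = parse(outer)
    if proto != IPPROTO_IPIP or (src, dst) != (remote, local):
        return None
    parse(payload)  # the payload must itself be a valid IPv4 packet
    return payload

def demo():
    # Constructed sample: a LAN 1 host sends to a LAN 2 host through Router A.
    inner = ipv4("192.168.1.10", "192.168.2.20", 17, b"constructed payload")
    outer = encapsulate(inner, ROUTER_A, ROUTER_B)
    return inner, outer, decapsulate(outer, ROUTER_B, ROUTER_A)

if __name__ == "__main__":
    inner, outer, delivered = demo()
    print(parse(outer)[:3], "->", parse(delivered)[:3])
```

On the wire between the routers only the outer addresses and protocol 4 are visible; the 192.168.x.x addresses reappear only after the peer strips the 20-byte outer header.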
