Re: IP Tunneling

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



If I'm going over stuff covered already on this list, please let me know!! Sorry... this is my first post!!

If you've just used the iptunnel command, you'll also need to use ifconfig with the pointopoint type to set up an interface to route traffic through. The IP address's on either end of the point to point interface should be the IP's you want to route traffic between once you've reached the subnets at each end of the tunnel. If you want to route more traffic across the link you use "ip route add 10.0.0.0/24 dev ipiptunnelname" or similar.

Also, you can view the traffic either encapsulated, by running tcpdump on your physical interface, or un-encapsulated by running it on your pointopoint interface.

Dan!

On 27 Apr 2005, at 09:22, Taylor, Grant wrote:

Hello
I have looked at SSH tunneling, but what I know I think that's not the
best solution for me. After some research, IPIP or GRE tunnel seems to fit
me best. But I don't find any good documentation, neither the LARTC howto
is brings up my problem.
I'd figured out that I will use iptunnel or similar to set up an
IPIP-tunnel, like:
iptunnel add dev tunl1 mode ipip local a.b.c.d remote e.f.g.h
and the same on the other side (just switching local and remote addresses)
to tunnel the public IP address e.f.g.h (on the /25-box) to tunl0 at
a.b.c.d (my public IP at home). But the connection betweeen me and the
remote host freezes, so I guess that's not enough. What more do I have to
do?

Is the ""freeze that you are talking about data through the tunnel or is it the initialization it's self? If it is the former, check to make sure that your firewall is not blocking traffic that would be flowing through the tunnel. Namely if your filter table FORWARD chain policy is set to DROP and you don't have an explicit allow for traffic flowing through the tunnel interface you will not be able to get things to work. I'll have to play with GRE / IPIP tunnels to see if I can offer any advice.




Grant. . . .
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux