IPIP Tunneling Question

IPIP Tunneling Question

Post by Anon » Thu, 13 Jan 2000 04:00:00



This message was posted anonymously:

Hi,

I have been trying to establish a tunnel between
two linux boxes (v2.2.9). I have been successful, but only
if I have reciprocal tunnels on each machine configured.

I would prefer not to have the reverse tunnel established.
What follows is a description of the case where the
encapsulation does not work.

I have two boxes (Box A and Box B). I am trying to send
an IPIP encapsulated datagram from Box A to Box B. I want
packets from B to A to return unencapsulated. My assumption
is that I would not establish the tunnel device on Box B.
When the tunnel is not configured on B, tcpdump (on B) shows
that
an ICMP message of protocol unreachable is returned (to A)
for
the udp protocol. For a test, I tried sending a udp
packet (thus the udp protocol unreachable). When I tried
with
other protocols, I received the equivalent protocol
unreachable
ICMP message. BTW, these protocols work without the
IPIP encapsulation. In this situation, I have loaded the
ipip
module on box B.

I think I am trying to implement triangle routing as in
Mobile IP. I have looked at some of the mobile IP
implementations
on the net and I don't seem to be doing anything different.
Is
my assumption correct that I do not need to establish the
reverse
tunnel?

I looked at the ipip.c code and the function ipip_rcv
seems to requires the existence of a reciprocal tunnel on
the receiver
of the ipip datagram or the Protocol Unreachable ICMP
message
is sent. There is a line that checks to see if an equivalent
tunnel exists and if not the ICMP message is sent. Am I
interpreting this correctly?

Any help would be greatly appreciated.

Thanks,

Bruce

 
 
 

1. 2.1.131 and ipip tunnel questions

I'm trying to get tunnels working under 2.1.131 and have
some basic questions....

1. after insmod ipip.o there is only one tunl0 device.
Is there a way to get get more tunlX devices?

2. Is iproute required?  I have the latest (981205) compiled, when
I run it I get:
    localhost# ip tunnel add tunl0 mode ipip remote 192.168.2.1
    ioctl: No buffer space available
    localhost#

3. There where some mention an old README on the iproute ftp site that
mentioned that there where 2.1 kernel mod's required (did I read that
right?) but this was for some fairly old (last august) versions of
the kernel. Are the patches still required? Are there any new ones for
later kernels?

What I'm trying to do is get three sites tunnelled together to
form an intranet. So each router will need (at least) two tunnel
devices (well two tunnels, does iproute allow one tunnel interface
to do this?).

Thanks....

~
~                        
--

PGP Fingerprint: 28 E2 A0 15 99 62 9A 00  88 EC A3 EE 2D 1C 15 68

2. Can you use -bash in /etc/profile?

3. ipip tunnel won't tunnel

4. Basic primer on how to use GCC

5. Does Linux IPIP tunnelling work with Cisco NOS tunnels?

6. NIS & tcp_wrappers

7. ipip tunnels

8. Byteserving pdf documents

9. IPIP tunnels

10. gated and ios: OSPF over ipip-tunnel

11. IPIP Tunnelling "Network is Unreachable"

12. IPIP Tunnel difficulties. Help anyone?

13. RTFM doesn't help on ipip tunneling