« Home | How can I have two default routes? » | Revealing your routing tables » | Where do the IP addresses come from? » | Just what is routing? » | Mysql Database Backup Script » | Listing files by size » | Where am i always » | Possible to get the administrator password ? » | 11 Unix Tricks » | Who sent me mail » 

Friday, March 17, 2006 

How to create IP-IP tunnel between FreeBSD and Linux

Sometimes, I need to connect remote Unix servers with tunnels to provide some specific services or to get access to some internal networks. I was very surprised, when my friend, young system administrator, asked me about how to bring up IP-IP tunnel between different Unix operating systems (FreeBSD and Linux in his case) and said, that he can’t find information about this configuration. As the result of my discovering, this HOWTO has been created.

Lets see to what we have and what we need to do.

We have 2 servers:

  • Server1:
    • OS: Linux
    • Network Interface: eth0
    • IP: 100.100.100.100
  • Server2:
    • OS: FreeBSD
    • Network Interface: fxp0
    • IP: 200.200.200.200

We need to get IPv4 over IPv4 tunnel with the following parameters between described servers:

  • Server1: 10.0.0.1 / 255.255.255.252
  • Server2: 10.0.0.2 / 255.255.255.252

To setup described configuration on Linux server we need to do following steps:

  • Create ipip tunnel interface:
    # ip tunnel add tun0 mode ipip > remote 200.200.200.200 local 100.100.100.100 dev eth0

  • Set interface IP addresses:
    # ifconfig tun0 10.0.0.1 netmask 255.255.255.252 > pointopoint 10.0.0.1

  • Set interface MTU and bring interface up:
    # ifconfig tun0 mtu 1500 up

Now we have following interface on the Linux server:

linux:~# ifconfig tun0
tun77 Link encap:IPIP Tunnel HWaddr
inet addr:10.0.0.1 P-t-P:10.0.0.2 Mask:255.255.255.252
UP POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:504 (504.0 b) TX bytes:624 (624.0 b)

Now, we need to create tunnel point at the FeeeBSD server:

  • Create gif tunnel interface:
    # # ifconfig gif0 create

  • Set interface transport IP addresses:
    # gifconfig gif0 inet 200.200.200.200 100.100.100.100

  • Set interface IP addresses:
    # ifconfig gif0 10.0.0.2 netmask 255.255.255.252 10.0.0.1

  • Set interface MTU and bring interface up:
    # ifconfig gif0 mtu 1500 up

The result at the FreeBSD side is following:

# ifconfig gif0
gif0: flags=8051 mtu 1500
tunnel inet 200.200.200.200 –> 100.100.100.100
inet 10.0.0.2 –> 10.0.0.1 netmask 0xfffffffc

To check the result we can use ping utility at linux side:

linux:~# ping -c 4 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.139 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.138 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=64 time=0.138 ms
64 bytes from 10.0.0.2: icmp_seq=4 ttl=64 time=0.136 ms

— 172.17.0.1 ping statistics —
4 packets transmitted, 4 received, 0% packet loss, time 2997ms
rtt min/avg/max/mdev = 0.136/0.137/0.139/0.014 ms

That is all! Now we have “direct” connection between our two servers and we are able to do some routing via this link.

Links to this post

Create a Link

About me

  • I'm Adrian
  • From Manila, Philippines
  • Humankind cannot gain anything without first giving something in return. To obtain, something of equal value must be lost. That is alchemy's first law of Equivalent Exchange.
My profile

Links

    Add to Google Add Mox Diamond to Newsburst from CNET News.com Subscribe in NewsGator Online Subscribe in FeedLounge Add to netvibes
Powered by Blogger
and Blogger Templates