Linux - GRE and other tunnels

Posted in How To's by Shafkat Shahzad, M.Sc - Senior Technical Content Manager on January 30th, 2010

Welcome to the tutorial guide. The guide will provide a user with advice and guidance on GRE and other tunnels. Please note that there are 3 kinds of tunnels in Linux. They are
IP in IP tunneling,
GRE tunneling and
tunnels that live outside the kernel such as PPTP.

Please note that tunnels can be used to do interesting things, but they can also break things if they go wrong. The usual reason for a tunnel to go wrong is that it was not configured correctly. Tunneling also increases overhead, because it needs an extra set of IP headers. Typically this is 20 bytes per packet, so if the normal packet size (MTU) on a network is 1500 bytes, a packet that is sent through a tunnel can only be 1480 bytes big. It is recommended that a user read up on IP packet fragmentation/reassembly when he or she plans to connect large networks with tunnels.

IP in IP tunneling
IP in IP tunneling requires 2 kernel modules, ipip.o and new_tunnel.o. Let's say you have 3 networks: Internal networks A and B, and intermediate network C.
For network A, we have:
network 10.0.1.0
netmask 255.255.255.0
router 10.0.1.1
The router has address 172.16.17.18 on network C.
and network B:
network 10.0.2.0
netmask 255.255.255.0
router 10.0.2.1
The router has address 172.19.20.21 on network C.
As far as network C is concerned, we assume that it will pass any packet sent from A to B and vice versa.
A user needs to ensure that the modules are installed:
insmod ipip.o
insmod new_tunnel.o
Then, on the router of network A, a user can carry out the following:
ifconfig tunl0 10.0.1.1 pointopoint 172.19.20.21
route add -net 10.0.2.0 netmask 255.255.255.0 dev tunl0
And on the router of network B:
ifconfig tunl0 10.0.2.1 pointopoint 172.16.17.18
route add -net 10.0.1.0 netmask 255.255.255.0 dev tunl0
If a user has finished with the tunnel:
ifconfig tunl0 down
Please note that a user cannot forward broadcast or IPv6 traffic through an IP-in-IP tunnel. A user can connect 2 IPv4 networks, and this code is compatible all the way back to 1.3 kernels. Please note that Linux IP-in-IP tunneling doesn't work with other operating systems or routers.

GRE tunneling
A user can transport multicast traffic and IPv6 through a GRE tunnel. Please note that a user will need the ip_gre.o module in Linux.
IPv4 Tunneling
Assume a user has 3 networks: Internal networks A and B, and intermediate network C.
Network A looks like this:
network 10.0.1.0
netmask 255.255.255.0
router 10.0.1.1
The router has address 172.16.17.18 on network C. A user can call this network neta

Network B looks like this:
network 10.0.2.0
netmask 255.255.255.0
router 10.0.2.1

The router has address 172.19.20.21 on network C. A user can call this network netb
As far as network C is concerned, we assume that it will pass any packet sent from A to B and vice versa. How and why, we do not care.
On the router of network A, a user can run the following:
ip tunnel add netb mode gre remote 172.19.20.21 local 172.16.17.18 ttl 255
ip link set netb up
ip addr add 10.0.1.1 dev netb
ip route add 10.0.2.0/24 dev netb
In line 1, a user adds a tunnel device and calls it netb. The line also says that the GRE protocol is used (mode gre), that the remote address is 172.19.20.21, that tunneling packets should originate from 172.16.17.18, and that the TTL field of the packet is set to 255 (ttl 255).
The second line enables the device.
In the third line, a user gives the newly born interface netb the address 10.0.1.1. This is OK for small networks, but a user who is starting up a mining expedition (which means lots of tunnels) should consider using another IP range for tunneling interfaces.
In the fourth line, a user sets the route for network B. Note the different notation for the netmask. A user who is not familiar with it can write out the netmask in binary form and count all the ones. If a user finds this complicated, then he/she should remember that 255.0.0.0 is /8, 255.255.0.0 is /16 and 255.255.255.0 is /24. Oh, and 255.255.254.0 is /23, in case you were wondering.
Let’s have a look at the router of network B.
ip tunnel add neta mode gre remote 172.16.17.18 local 172.19.20.21 ttl 255
ip link set neta up
ip addr add 10.0.2.1 dev neta
ip route add 10.0.1.0/24 dev neta
And when you want to remove the tunnel on router A:
ip link set netb down
ip tunnel del netb

A user can replace netb with neta for router B.
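
What a GRE packet from router A looks like while it crosses network C, as an added example that is not part of the original guide: it builds and parses the encapsulation produced by the netb tunnel above (outer addresses 172.16.17.18 and 172.19.20.21, ttl 255). The inner host addresses 10.0.1.5 and 10.0.2.7 are constructed sample values. With the 4-byte base GRE header on top of the 20-byte outer IP header, the per-packet overhead for GRE comes to 24 bytes.

```python
import socket
import struct

GRE_PROTO = 47            # IP protocol number for GRE
ETHERTYPE_IPV4 = 0x0800   # GRE "protocol type" for an IPv4 payload

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum over an even-length header."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src: str, dst: str, proto: int, payload_len: int, ttl: int = 64) -> bytes:
    """Minimal 20-byte IPv4 header (no options) with a valid checksum."""
    fields = [0x45, 0, 20 + payload_len, 0, 0, ttl, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    hdr = struct.pack("!BBHHHBBH4s4s", *fields)
    fields[7] = checksum(hdr)
    return struct.pack("!BBHHHBBH4s4s", *fields)

def gre_encapsulate(inner: bytes, local: str, remote: str, ttl: int = 255) -> bytes:
    """Outer IPv4 header + base GRE header (no checksum/key/sequence) + inner packet."""
    gre = struct.pack("!HH", 0, ETHERTYPE_IPV4)
    return ipv4_header(local, remote, GRE_PROTO, len(gre) + len(inner), ttl) + gre + inner

def gre_decapsulate(packet: bytes) -> dict:
    """Parse what a capture on network C shows. GRE does not encrypt,
    so the inner addresses are readable there."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or packet[9] != GRE_PROTO:
        raise ValueError("not an IPv4 GRE packet")
    flags, ptype = struct.unpack("!HH", packet[ihl:ihl + 4])
    if flags != 0 or ptype != ETHERTYPE_IPV4:
        raise ValueError("only the base GRE header with an IPv4 payload is handled")
    inner = packet[ihl + 4:]
    return {
        "outer_src": socket.inet_ntoa(packet[12:16]),
        "outer_dst": socket.inet_ntoa(packet[16:20]),
        "ttl": packet[8],
        "inner_src": socket.inet_ntoa(inner[12:16]),
        "inner_dst": socket.inet_ntoa(inner[16:20]),
        "overhead": len(packet) - len(inner),
    }

# Constructed sample: a host on network A sends 100 bytes of UDP-sized payload to network B.
INNER = ipv4_header("10.0.1.5", "10.0.2.7", 17, 100) + bytes(100)
OUTER = gre_encapsulate(INNER, local="172.16.17.18", remote="172.19.20.21")
if __name__ == "__main__":
    print(gre_decapsulate(OUTER))
```
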

If you followed the advice and guidance provided in this tutorial guide, then you will have learnt about GRE and other tunnels.
