similar to: 6.5 vpn/gre/ospf breakage

I am attempting to setup an IPSec protected GRE tunnel with a Cisco router. I believe the IPSec association is up, however I cannot move traffic over the tunnel. It is not clear how to integrate the tunnel interface (gre1) with firewall-cmd; adding the interface to trusted does not appear to 'stick'. [root at aqueduct ~]# firewall-cmd --add-interface=gre1 --zone=trusted The interface

Hi Devik/Patrik, In setting up IMQ/HTB with a GRE Tunnel I''m constantly getting kernel errors: [root@linux /root]# dmesg ... ... ... NET: XXX messages suppressed. Dead loop on virtual device gre1, fix it urgently! ... ... ... This I get only if I''m going to start cross device b/w control. If I remove iptables rule iptables -t mangle -D POSTROUTING -j IMQ then no such warning

Hi Guys, Here is our patch to allow broadcast packets over a GRE tunnel. Hopefully it might be accepted into the source someday. You need to enabled bridging and GRE tunnels in your kernel. No other options are required. The gre patch determines what type of protocol type to put in the GRE header based on the whether the packet is forwarded from a bridge or not. To use the patch: # Create

Hi, For Ethernet and others, we have a configuration file inside /etc/sysconfig/newtork-script/ like ifcfg-ethx where we specify ip address, mask, type etc... For GRE tunneling, how can I specify the parameters for tunneling device, so that I ifup-tunnel will automatically read and start the interface and I don't have to write the below scripts in my start-up file. ip tunnel add netx mode

On 12/29/2017 3:59 AM, Wojciech ?ysiak wrote: > firstly check which zone are your interface in : > > bash> firewall-cmd --get-active-zones > > then all you have to do is add a service to the firewall > > firewall-cmd --zone=<INSERT YOUR ZONE> --add-service=openvpn --permanent > > assuming that your Openvpn is running on standard port 1194/tcp|udp, > If not

fallthrough to a separate case/default label break; isn't very readable. Convert pseudo-keyword fallthrough; statements to a simple break; when the next label is case or default and the only statement in the next label block is break; Found using: $ grep-2.5.4 -rP --include=*.[ch] -n "fallthrough;(\s*(case\s+\w+|default)\s*:\s*){1,7}break;" * Miscellanea: o Move or coalesce a

I need to send multicast traffic through a GRE tunnel between two Linux routers. The tunnel works for normal IP packets, but I can''t see how to make it work for multicast. Here''s the setup: 10.10.10.0/24 LAN-B--------------RtrB-------------RtrC--------------LAN-C 192.168.2.0/24 192.168.1.0/24 RtrB interfaces: eth0

Hello, Here is my network: ------------------ ------------- ----------- Linux box ----------- GRE --------- Cisco ---------- ------------------ ------------- What I wan to accomplish. I want ripv2 to go across (both ways) through the GRE tunnel. No packets are being passed thought the GRE

I want to send a multicast packet to multiple gre tunnel, but the packet only went to where the routing table configured to. ex. when use ip route add 224.0.0.0/4 via gre0 then the packet go to gre0 when use ip route add 224.0.0.0/4 via gre1 then the packet go to gre1 when use ip route add 224.0.0.0/4 nexthop via gre1 nexthop via gre0 then the packet go to either gre or gre1

Hi, Does anyone tried to get ipip or gre tunnel behind NAT environments. ? i''m trying to make both side tunneling with ipip or gre with private address just like belows.. A -------------------FIRWWAL -------------------INET ------------------- B PRIVATE PUBLIC PUBLIC (10.100.0.1) (211.xxx.xxx.xxx) (

Hi, I have the following setup. Two linux systems with two [test] external interfaces encrypted with ipsec [transport]. Two gre tunnels that pass 10.200.0.0/24 and 10.200.1.0/24 network traffic. Testing the balanced tunnels I would setup iptraf on one and ping from the other. The results would be as expected; traffic would be split between the two interfaces. Testing with an ftp transfer of

Hi! Can I create the unnumbered GRE tunnel with iproute2 utility? Can someone provide me a link/howto/example_config how to do it? The topology is one tunnel between two linux boxes: -- eth1-|__|-eth0 <-------------> eth0-|__|-eth1 -- I''m trying now with: ip tu add tun1 mode gre local loc.IP remote rem.IP ttl 255 dev eth0 ip addr add tun1 0.0.0.0 ip link set tun1 up but it

[Disclaimer : I'm not a network engineer] Hi, In a setup where OpenVSwitch is used with GRE tunels on top of an interface provided by tinc, I'm experiencing MTU problems and I'm not sure how to fix them. The manifestation of the problem is, from the user point of view, communication hang. And using "tcpdump -i there" displays lines such as : 18:54:00.345666 IP

Hello, I connected the network 192.168.1.0 with 192.168.2.0 over the internet trough a GRE-Tunnel. I don''t know if I set up all things right: The client-pcs in both networks have a subnet mask of 255.255.255.0 and 192.168.2.x''s default gateway is the server wich has started the tunnel. The 192.168.1.x''s default gateway is 192.168.1.250 wich routes traffic destinated to

Hi, In XenServer5.6 FP1 beta, I have switched default bridge to open vswitch, I wonder how to use "xe tunnel-create" to create a GRE tunnel. my commands: xe tunnel-create pif-uuid=eth0_uuid network-uuid=network_created_by_xe_network_create then I got an uuid which is "access-PIF" of output from "xe tunnel-list". what should I do next? how to set remote_ip

Hi, In a setup where OpenVSwitch is used with GRE tunels on top of an interface provided by tinc, I'm experiencing significant performance degradation problems (from 100Mb/s down to 1Mb/s in the worst case) and I'm not sure how to fix this. The manifestation of the problem is, from the user point of view, iperf reports ~100Mb/s and rsync reports ~1Mb/s: $ iperf -c 91.224.149.132

Looking for some advise from the experts out there. We do simple traffice shaping and I''m having trouble figuring out how to shape vpn traffic using a tc filter. The following filter works fine for SSH tc filter add dev eth2 parent 1:0 protocol ip u32 match ip sport 22 0xffff classid 1:10 The following throws and "Illegal match" error when trying to filter GRE traffic. tc

Hi, I am setting up crashkernel and was wondering where I get the kernel-debug rpm for centosplus kernels. Thanks, -- Stephen Clark *NetWolves Managed Services, LLC.* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.clark at netwolves.com http://www.netwolves.com

Hello Lartc Mailing List: Been working on something the last week and a half and ALMOST have it working.., just need a few pointers from the wizards on this mailing list to nail it. Ok, my setup is a hub and spoke arrangement, hub is Cisco 2821 with IOS 12.4. Spokes are ruggencom RX1000 routers, Debian based with the following versions installed: rx1000test:~# uname -a Linux rx1000test

Hi, I got a problem similar to this one (http://mailman.ds9a.nl/pipermail/lartc/2005q4/017614.html), GRE tunnel can forward normal IP packets such as ICMP but failed to tunnel multicast traffics. Here''s the setup: 192.168.20.0/24 LAN-A--------------RtrA-------------RtrB--------------LAN-B 192.168.50.0/24 192.168.60.0/24 RtrA