I'm still stuck on this one and could really use some help. I just
finished trying it on an FC3 box too to make sure it wasn't CentOS specific
issue but there's still no output from tcpdump.
I also spent some time looking over Cisco examples to make sure I wasn't
misremembering the concepts. No surprises there.
Does anyone have any ideas or can someone suggest a more appropriate
forum for the question?
Thanks!!
On 6/21/07 11:52 AM, "Greg Hartung" <ghartung@photobucket.com> wrote:
>
> I am trying to setup GRE between two CentOS 4.5 boxes. I have tried
> several variations of what's listed below, but none of them work.
>
> box1:
> modprobe ip_gre
> ip link set gre0 up
> ip tunnel add gretun mode gre local 66.1.1.161 remote 66.1.2.161 ttl 20 dev
> eth0
> ip addr add dev gretun 10.253.253.1 peer 10.253.253.2/24
> ip link set dev gretun up
> ip route add 10.2.0.0/16 via 10.253.253.2
>
> box2:
> modprobe ip_gre
> ip link set gre0 up
> ip tunnel add gretun mode gre local 66.1.2.161 remote 66.1.1.161 ttl 20 dev
> eth0
> ip addr add dev gretun 10.253.253.2 peer 10.253.253.1/24
> ip link set dev gretun up
> ip route add 10.1.0.0/16 via 10.253.253.1
>
> tcpdump shows NO rx or tx traffic from either box that isn't ARP or SSH.
>
> It's as if it's not even trying to bring the tunnel up. I'm a Cisco guy,
> so I'm lost with my show commands.
>
> The other variations I've tried consist mostly of trying different
> combinations of on-net (in the same subnet as eth0 and even the same address
> as eth0) and off-net (various combinations of loopback /24 and /32 addresses
> in separate 10 space) on the 'ip addr add dev gretun' statements. But the
> above example is what *should* work on a Cisco, I think. It's been a
> while.
>
> How do I troubleshoot this? This is all I've got so far:
>
> root@den1tun01:/home/root $ ip link
> 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> 2: eth0: <BROADCAST,MULTICAST,UP> mtu 8800 qdisc pfifo_fast qlen 1000
> link/ether 00:19:b9:dd:ff:d9 brd ff:ff:ff:ff:ff:ff
> 3: eth0.2: <BROADCAST,MULTICAST,UP> mtu 8800 qdisc noqueue
> link/ether 00:19:b9:dd:ff:d9 brd ff:ff:ff:ff:ff:ff
> 4: gre0: <NOARP,UP> mtu 1476 qdisc noqueue
> link/gre 0.0.0.0 brd 0.0.0.0
> 5: gretun@eth0: <POINTOPOINT,NOARP,UP> mtu 8776 qdisc noqueue
> link/gre 66.1.1.161 peer 66.1.2.161
>
> root@den1tun01:/home/root $ ip tun
> gre0: gre/ip remote any local any ttl inherit nopmtudisc
> gretun: gre/ip remote 66.1.2.161 local 66.1.1.161 dev eth0 ttl 20
>
> root@den1tun01:/home/root $ ifconfig
> eth0 Link encap:Ethernet HWaddr 00:19:B9:DD:FF:D9
> inet addr:10.1.2.243 Bcast:10.1.3.255 Mask:255.255.254.0
> UP BROADCAST RUNNING MULTICAST MTU:8800 Metric:1
> RX packets:3357 errors:0 dropped:0 overruns:0 frame:0
> TX packets:484 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:230757 (225.3 KiB) TX bytes:63937 (62.4 KiB)
> Interrupt:169 Memory:f8000000-f8011100
>
> eth0.2 Link encap:Ethernet HWaddr 00:19:B9:DD:FF:D9
> inet addr:66.1.1.161 Bcast:66.1.1.191 Mask:255.255.255.192
> UP BROADCAST RUNNING MULTICAST MTU:8800 Metric:1
> RX packets:950 errors:0 dropped:0 overruns:0 frame:0
> TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:43860 (42.8 KiB) TX bytes:1200 (1.1 KiB)
>
> gretun Link encap:UNSPEC HWaddr
> 42-0B-33-A1-FF-C0-00-00-00-00-00-00-00-00-00-00
> inet addr:10.253.253.1 P-t-P:10.253.253.2 Mask:255.255.255.0
> UP POINTOPOINT RUNNING NOARP MTU:8776 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:0 (0.0 b) TX bytes:756 (756.0 b)
>
> gre0 Link encap:UNSPEC HWaddr
> 00-00-00-00-FF-00-00-00-00-00-00-00-00-00-00-00
> UP RUNNING NOARP MTU:1476 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:225 errors:0 dropped:0 overruns:0 frame:0
> TX packets:225 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:13271 (12.9 KiB) TX bytes:13271 (12.9 KiB)
>
>
> I've also tried changing the destination for the route to the near end of
> the private subnet and tried pinging various things on the tunnel subnet and
> remote network to create "interesting traffic" to bring the tunnel up but
> tcpdump still shows nothing.
>
> Then I noticed that ping does show an error count:
>
> [root@den1tun01 ~]# ping 10.253.253.2
> PING 10.253.253.2 (10.253.253.2) 56(84) bytes of data.
>> From 10.253.253.1 icmp_seq=0 Destination Host Unreachable
>> From 10.253.253.1 icmp_seq=1 Destination Host Unreachable
>
> --- 10.253.253.2 ping statistics ---
> 2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1000ms
> , pipe 2
>
> I can ping the local end: 10.253.253.1, but the tunnel is still
> non-functinoal.
>
> Thanks!
> Greg
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
|