Monday, 16 May 2016

IP GRE Tunnel in Linux step by step

IP tunneling between Linux servers using IP GRE tunneling

Network A : 192.168.92.6 (Public IP) (IPs are tunneled from this server) - source
            10.200.10.1  (Private IP)
            180.168.94.1 (Gateway)

Network B : 180.168.94.5 (Public IP) (IPs are tunneled to this server) - destination
            10.200.10.2  (Private IP)
            180.168.94.1 (Gateway)

Required modules  :  ip_gre

Server1 : 192.168.92.6 ( source side configuration )


Step1 :-

Before setting up the IP GRE tunnel, check whether the 'ip_gre' module is loaded; if it is not, load it.

lsmod | grep ip_gre
modprobe ip_gre

Step2 :-

Enable IP forwarding. By default IP forwarding is set to '0', which means it is disabled. Enable it by setting the value to '1'.

echo 1 > /proc/sys/net/ipv4/ip_forward

Enable  = 1
Disable = 0

Step3 :-

Enable 'proxy_arp'. By default it is set to '0'. You need to set it to '1'.

Proxy_arp :-

When a computer wants to send an IP packet, it first decides whether the destination IP address is on the same LAN or whether the packet must be sent to a router (which must be on the same LAN).
Before it can deliver the packet to the LAN, it must know the recipient's Ethernet MAC address.
To determine the MAC address, it sends an ARP broadcast packet to the LAN asking "who has IP address a.b.c.d".
Normally only the computer with that IP address answers.
Proxy ARP changes that: a computer doing proxy ARP answers all ARP requests with its own MAC address.
The asking computer receives that MAC address and sends the packet to that computer.

echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp

Enable  = 1
Disable = 0

Step4 :-

Add the IP tunnel on the source server.

Syntax  :  ip tunnel add [Tunnel name] mode gre local [source ip] remote [destination ip] ttl 255


ip tunnel add gre-mta250 mode gre local 192.168.92.6 remote 180.168.94.5 ttl 255


Step5 :-

Bring up the GRE tunnel that was just added.

Syntax  :  ip link set [Tunnel name] up

ip link set gre-mta250 up


Step 6 :-

Add the private (local) IP to the GRE tunnel. You can use any IP as the local address, but the source and destination addresses must be in the same subnet.

ip addr add 10.11.22.1 dev gre-mta250

route add -net 10.11.22.0/30 dev gre-mta250

In my case I will use 10.11.22.1 as the source IP and 10.11.22.2 as the destination local IP.


Step 7 :-

Route the Destination Server IP through source server gateway.

Syntax : route add [destination IP] gw [gateway of source server]  dev [interface]

route add 180.168.94.5 gw 180.168.94.1  dev eth0



Step8 :-

Add routes for the IPs that need to move to the destination side.

Syntax  : route add [Moved IP]  gw 10.11.22.1 dev gre-mta250

route add 64.20.35.68  gw 10.11.22.1 dev gre-mta250

You need to bring down the interface that holds the routed IP on the source side.

Suppose 64.20.35.68 interface is eth0:1

ifconfig eth0:1  down


Destination side configuration :-

Network B : 180.168.94.5 (Public IP) (IPs are tunneled to this server)
            10.200.10.2  (Private IP)

Step1 :-

Before setting up the IP GRE tunnel, check whether the 'ip_gre' module is loaded; if it is not, load it.

lsmod | grep ip_gre
modprobe ip_gre

Step2 :-

Enable IP forwarding.

echo 1 > /proc/sys/net/ipv4/ip_forward


Step3 :-

Enable 'proxy_arp'.

echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp


Step4 :-

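Add the IP tunnel on the destination server. Here the local address is the destination server's IP and the remote address is the source server's IP.

Syntax  :  ip tunnel add [Tunnel name] mode gre local [source ip] remote [destination ip] ttl 255


ip tunnel add gre-mta250 mode gre local 180.168.94.5 remote 192.168.92.6 ttl 255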

Step5 :-

Bring up the GRE tunnel that was just added.

Syntax  :  ip link set [Tunnel name] up

ip link set gre-mta250 up

Step 6 :-

Add the private (local) IP to the GRE tunnel. You can use any IP as the local address, but the source and destination addresses must be in the same subnet.

ip addr add 10.11.22.2 dev gre-mta250

route add -net 10.11.22.0/30 dev gre-mta250

In my case I will use 10.11.22.2 as the source IP and 10.11.22.1 as the destination local IP.


Step7 :-

Route the source IPs through the gateway of the destination server.

Syntax  : route add [IPs to Tunnel]  gw [gateway of destination server]  dev eth0

route add 64.20.35.67 gw 180.168.94.1  dev eth0


Step8 :-

Create the route table.

echo 99999 example >>/etc/iproute2/rt_tables
ip route add default via 10.11.22.2 dev gre-mta250 table example

You can give the route table any name.


Step9 :-

Add the Tunnel IPs to route table.


ip rule add from x.x.x.x/32 table example
ip rule add from x.x.x.x/32 table example

Step10 :-

Add the IPs on destination server.

ifconfig eth0:1 x.x.x.x netmask 255.255.255.0
ifconfig eth0:2  x.x.x.x  netmask 255.255.255.0
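
A consistency check for the two ends, as an added example that is not part of the original post: it parses the text printed by `ip tunnel show` on each server and confirms that the tunnel name exists on both sides, that local and remote are mirrored, and that the inner addresses share a /30. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: offline consistency check for the two ends of a GRE tunnel.
# Input is the text printed by `ip tunnel show` on each server.

# Print "<local> <remote>" for tunnel $1, reading `ip tunnel show` text on stdin.
gre_endpoints() {
    awk -v name="$1:" '$1 == name {
        for (i = 2; i < NF; i++) {
            if ($i == "local")  l = $(i + 1)
            if ($i == "remote") r = $(i + 1)
        }
        if (l != "" && r != "") print l, r
    }'
}

# Succeed only when each side's local address is the other side's remote.
# $1 = tunnel name, $2 = source-side text, $3 = destination-side text
gre_mirrored() {
    a=$(printf '%s\n' "$2" | gre_endpoints "$1")
    b=$(printf '%s\n' "$3" | gre_endpoints "$1")
    [ -n "$a" ] && [ -n "$b" ] || return 2   # tunnel name missing on one side
    [ "${a% *}" = "${b#* }" ] && [ "${a#* }" = "${b% *}" ]
}

# Succeed when two different IPv4 addresses fall inside the same /30.
same_slash30() {
    [ "$1" != "$2" ] || return 1
    [ "${1%.*}" = "${2%.*}" ] || return 1
    [ $(( ${1##*.} / 4 )) -eq $(( ${2##*.} / 4 )) ]
}

# Constructed sample output (not captured from real hosts).
SRC='gre0: gre/ip remote any local any ttl inherit nopmtudisc
gre-mta250: gre/ip remote 180.168.94.5 local 192.168.92.6 ttl 255'
DST='gre0: gre/ip remote any local any ttl inherit nopmtudisc
gre-mta250: gre/ip remote 192.168.92.6 local 180.168.94.5 ttl 255'

if gre_mirrored gre-mta250 "$SRC" "$DST" && same_slash30 10.11.22.1 10.11.22.2; then
    echo "tunnel endpoints and inner addresses are consistent"
else
    echo "mismatch between the two ends" >&2
fi
```

On live hosts, replace the two sample strings with the saved output of `ip tunnel show` from each server.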
