I have been using tunneling from my laptop to a server in my office, both running kernel 2.0.x, without any problems. I'm now trying to upgrade my laptop to kernel 2.2.1, and am having trouble figuring out how to set up my side of the tunnel. I've look in the mailing list archives and downloaded ftp://ftp.inr.ac.ru/ip-routing/iproute2-current.tar.gz, but haven't found anything to explain the overall approach for configuring tunnels under the new kernel. In my current setup, I am tunneling one IP number for my laptop, which does not have an ethernet interface (only the PPP link). tunl0: aaa.aaa.aaa.LLL laptop | | ppp: zzz.zzz.zzz.PPP | (internet) | | eth0: aaa.aaa.aaa.EEE | server tunl0: aaa.aaa.aaa.SSS Where all the addresses are the same from session to session except zzz.zzz.zzz.PPP, which is dynamically assigned by my ISP. On the laptop, my routes look like: Destination Gateway Genmask Flags Metric Ref Use Iface zzz.zzz.zzz.PPP * 255.255.255.255 UH 0 0 0 ppp0 aaa.aaa.aaa.SSS * 255.255.255.255 UH 0 0 3 ppp0 default * 0.0.0.0 U 0 0 5 tunl0 If config looks like: ppp0 Link encap:Point-to-Point Protocol inet addr:zzz.zzz.zzz.PPP P-t-P:zzz.zzz.zzz.xxx Mask:255.255.255.0 [...] tunl0 Link encap:IPIP Tunnel HWaddr inet addr:aaa.aaa.aaa.LLL P-t-P:aaa.aaa.aaa.SSS Mask:255.255.255.255 [...] (On the server, they look like: aaa.aaa.aaa.SSS 0.0.0.0 255.255.255.255 UH 0 0 0 eth0:0 aaa.aaa.aaa.LLL 0.0.0.0 255.255.255.255 UH 0 0 4 tunl0 aaa.aaa.aaa.0 0.0.0.0 255.255.255.0 U 0 0 4995 eth0 default aaa.aaa.aaa.gw 0.0.0.0 UG 1 0 70137 eth0 and tunl0 Link encap:IPIP Tunnel HWaddr inet addr:aaa.aaa.aaa.SSS P-t-P:zzz.zzz.zzz.PPP Mask:255.255.255.0 [...] On the server, I also do: arp -s aaa.aaa.aaa.LLL -D eth0 pub ) When I reboot with 2.2.1 on the laptop and issue the following commands: insmod ipip ip tunnel add tunl1 mode ipip remote aaa.aaa.aaa.SSS local zzz.zzz.zzz.PPP ifconfig tunl1 aaa.aaa.aaa.LLL and then add a route to some address, say add route -host aaa.aaa.aaa.EEE dev tunl1 and then watch the PPP link with tcpdump, it looks like packets to aaa.aaa.aaa.EEE are correctly sent to aaa.aaa.aaa.SSS as encapsulated packets. However, packages that arrive for LLL cause the generation of "protocol ## not available" ICMP replies. The same happens if I ping aaa.aaa.aaa.LLL from the server. I assume this means the tunnel is somehow not active on the laptop end. I tried "echo 1 > /proc/sys/net/ipv4/ip_forward", but it didn't seem to make any difference. I also browsed the Alan Cox patches (patch-2.2.1-ac5) but it didn't look like ipip.c or ip_forward.c get patched so I'm thinking its not necessary for what I'm trying to do. My questions: 1. What am I missing? 2. Is there a web site or document I should be looking at for this info? 3. Do I need patches to get ipip tunneling to work in 2.2.1? 4. Is 2.0.x ipip.o/new_tunnel.o tunneling interoperable with 2.2.1 mode ipip tunneling? 5. Where can I find more info on the "ip" command? (I didn't find any documentation on it in the iproute2 package, or in that directory on the FTP site.) 6. I have seen mention if "iptunnel" and "iproute" commands in the mailing list archives. Are these just earlier incarnations of utilities that have since been combined in the iproute2 "ip" command? Thanks. Nathan ---------------------------------------------------------------------------- Nathan Treadway | Ray Ontko & Co. | Software consulting services [EMAIL PROTECTED] | Richmond, IN | http://www.ontko.com/ - To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to [EMAIL PROTECTED]
