Hi, I have been trying to establish a tunnel between two linux boxes (v2.2.9). I have been successful, but only if I have reciprocal tunnels on each machine configured. I would prefer not to have the reverse tunnel established. What follows is a description of the case where the encapsulation does not work. I have two boxes (Box A and Box B). I am trying to send an IPIP encapsulated datagram from Box A to Box B. I want packets from B to A to return unencapsulated. My assumption is that I would not establish the tunnel device on Box B. When the tunnel is not configured on B, tcpdump (on B) shows that an ICMP message of protocol unreachable is returned (to A) for the udp protocol. For a test, I tried sending a udp packet (thus the udp protocol unreachable). When I tried with other protocols, I received the equivalent protocol unreachable ICMP message. BTW, these protocols work without the IPIP encapsulation. In this situation, I have loaded the ipip module on box B. I think I am trying to implement triangle routing as in Mobile IP. I have looked at some of the mobile IP implementations on the net and I don't seem to be doing anything different. Is my assumption correct that I do not need to establish the reverse tunnel? I looked at the ipip.c code and the function ipip_rcv seems to requires the existence of a reciprocal tunnel on the receiver of the ipip datagram or the Protocol Unreachable ICMP message is sent. There is a line that checks to see if an equivalent tunnel exists and if not the ICMP message is sent. Am I interpreting this correctly? Any help would be greatly appreciated. Thanks, Bruce Cilli --------------------------------------------- This message was sent using MI-Webmail. No matter where you are, never lose touch. Get your Email using MI-Webmail. http://www.monmouth.com/ - To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to [EMAIL PROTECTED]
