Hi Martin, If I understand your question correctly you need 2 endpoints to the tunnel...
for gif(4) or any gre((4) based tunnel you need the interface setup on both the client and the server (gateway) if you have a gateway serving multiple clients... then you need one interface per client that you intend to connect Thanks Tom Smyth On Fri, 8 May 2020 at 17:38, Martin <martin...@protonmail.com> wrote: > > Thanks for confirmation. > > Hope I understand gif(4) functionality right from its configuration. Can I > set /etc/hostname.gif0 from client's side only like below: > > /etc/hostname.gif0 > tunnel 10.20.30.40 195.203.212.221 > inet6 alias 2001:05a8:0000:0001:0000:0000:0000:8542 128 > dest 2001:05a8:0000:0001:0000:0000:0000:8541 > > where > tunnel 10.20.30.40 is client's address, 195.203.212.221 gateway machine > egress IPv4 > inet6 alias is the same IPv6 address of client's IPv6 local interface or an > IPv6 address in the same subnet. > dest IPv6 is a destination IPv6 interface address of gateway machine. > > Do I need to setup gif0 on gateway machine to have encapsulation working? > > Martin > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > On Friday, May 8, 2020 1:43 PM, Kristjan Komlosi <kristjan.koml...@gmail.com> > wrote: > > > gif(4) should work fine, as it's designed to do what you described. The > > best approach depends on the level of security you want to achieve. IPIP > > tunnels aren't encrypted... > > > > regards, kristjan > > > > On 5/8/20 3:32 PM, Martin wrote: > > > > > I have IPv6 unidirectional tunnel between two machines. One of them is > > > gateway, another one is a client. > > > The goal is to route IPv4 packets over IPv6 tunnel from client to gateway > > > and NAT IPv4 packet to egress on gateway machine. > > > May I use gif(4) for it or what is the best approach to traverse IPv4 > > > packets over IPv6 tun? > > > Martin > > -- Kindest regards, Tom Smyth.
