$Id: README.gre,v 1.4 1999/01/26 21:32:39 hwr Exp $ --------------------------------------------------------------------------- A GRE Tunnel for NetBSD Heiko W.Rupp This is a very alpha implementation of GRE packet encapsulation. Generic Route Encapsulation (GRE) is described in RFC 1701 and 1702. The interface also supports MOBILE (protocol 55) as of RFC 2004 but default is GRE mode. Basically GRE allows to tunnel not only IP over IP, but also provides for other protocols like Appletalk etc. Cisco routers do their multicast tunnels over GRE (1). The hope is, that with GRE encapsulation, a method is found to encapsulate all other protocols with one mechanism and reduce the need for own tunneling in ip_mroute etc. This implementation is (as said) still alpha, but works for me. Successful testing has been done for GRE encapsulation with Cisco routers and NetBSD boxes as remote. The files: net/if_gre.[ch] : output interface, encapsulates packets. netinet/ip_gre.[ch]: input part, deencapsulates packets. Is IP only at the moment and only supports GRE without options. netinet/in.h : Addition of IPPROTO_GRE netinet/in_proto.c : Addition of protocol switch for GRE conf/files : mention new files for GRE greconfig.c : Utility to set/display tunnel endpoints / mode. greconfig.8 : Manpage for greconfig. gre.4 : Documentation of driver plus example. Installation: On NetBSD: add "pseudo-device gre " to your kernel config file with being the number of tunnel interfaces you want. Then recompile and install the new kernel. Also compile greconfig.c: cc -o greconfig greconfig.c Grectl is used to set/display tunnel endpoints. In case when IP is encapsulated, this is not needed, but e.g. in the AppleTalk over IP case. Todos/Bugs: Support other protocols for encapsulation The compute_route() code in if_gre.c toggles the last bit of the IP-address to provoke the search for a less specific route than the one directly over the tunnel to prevent loops. This is possibly not the best solution. GRE RFC not yet fully implemented (no GRE options), no other protocols yet than IP over IP. Code quality is surely not best and possibly not near anything like KNF Traceroute does not work yet over the tunnel :( BPF does probably not yet work (it might, but last time I looked, it bombed, so I #if 0'd it out). And also only in outgoing direction. --------------------------------------------------------------------------- (1) tunnels that end on a mrouted have tunnel mode DVMRP set