NetBSD/usr.sbin/greconfig/README.gre

75 lines
3.0 KiB
Plaintext

$Id: README.gre,v 1.3 1998/10/31 13:07:02 hwr Exp $
---------------------------------------------------------------------------
A GRE Tunnel for NetBSD
Heiko W.Rupp
<hwr@pilhuhn.de>
This is a very alpha implementation of GRE packet encapsulation.
Generic Route Encapsulation (GRE) is described in RFC 1701 and 1702.
The interface also supports IPIP (protocol 4) encapsulation,
as described in RFC 2003 and MOBILE (protocol 55) as of RFC 2004 but
default is GRE mode.
Basically GRE allows to tunnel not only IP over IP, but also provides
for other protocols like Appletalk etc. Cisco routers do their multicast
tunnels over GRE (1). The hope is, that with GRE encapsulation, a method
is found to encapsulate all other protocols with one mechanism and reduce
the need for own tunneling in ip_mroute etc.
This implementation is (as said) still alpha, but works for me.
Successful testing has been done for GRE encapsulation with Cisco routers
and NetBSD boxes as remote and with Cisco routers and Linux 2.0.35 for
IPIP encapsulation.
The files:
net/if_gre.[ch] : output interface, encapsulates packets.
netinet/ip_gre.[ch]: input part, deencapsulates packets. Is IP only
at the moment and only supports GRE without options.
netinet/in.h : Addition of IPPROTO_GRE
netinet/in_proto.c : Addition of protocol switch for GRE , additional
protocol switch for IPIP, when MROUTING is not
defined.
conf/files : mention new files for GRE
greconfig.c : Utility to set/display tunnel endpoints / mode.
greconfig.8 : Manpage for greconfig.
gre.4 : Documentation of driver plus example.
Installation:
On NetBSD: add "pseudo-device gre <n>"
to your kernel config file with <n> being the number of tunnel interfaces
you want. Then recompile and install the new kernel.
Also compile greconfig.c: cc -o greconfig greconfig.c
Grectl is used to set/display tunnel endpoints. In case when IP is
encapsulated, this is not needed, but e.g. in the AppleTalk over IP
case.
Todos/Bugs:
Support other protocols for encapsulation
The compute_route() code in if_gre.c toggles the last bit of the
IP-address to provoke the search for a less specific route than the
one directly over the tunnel to prevent loops. This is possibly not
the best solution.
GRE RFC not yet fully implemented (no GRE options), no other protocols
yet than IP over IP.
RFC 2003 also not yet fully supported wrt. options etc.
Code quality is surely not best and possibly not near anything like KNF
Traceroute does not work yet over the tunnel :(
BPF does probably not yet work (it might, but last time I looked,
it bombed, so I #if 0'd it out). And also only in outgoing
direction.
---------------------------------------------------------------------------
(1) tunnels that end on a mrouted have tunnel mode DVMRP set