75 lines
3.0 KiB
Plaintext
75 lines
3.0 KiB
Plaintext
$Id: README.gre,v 1.3 1998/10/31 13:07:02 hwr Exp $
|
|
---------------------------------------------------------------------------
|
|
A GRE Tunnel for NetBSD
|
|
|
|
Heiko W.Rupp
|
|
<hwr@pilhuhn.de>
|
|
|
|
This is a very alpha implementation of GRE packet encapsulation.
|
|
Generic Route Encapsulation (GRE) is described in RFC 1701 and 1702.
|
|
The interface also supports IPIP (protocol 4) encapsulation,
|
|
as described in RFC 2003 and MOBILE (protocol 55) as of RFC 2004 but
|
|
default is GRE mode.
|
|
|
|
Basically GRE allows to tunnel not only IP over IP, but also provides
|
|
for other protocols like Appletalk etc. Cisco routers do their multicast
|
|
tunnels over GRE (1). The hope is, that with GRE encapsulation, a method
|
|
is found to encapsulate all other protocols with one mechanism and reduce
|
|
the need for own tunneling in ip_mroute etc.
|
|
|
|
This implementation is (as said) still alpha, but works for me.
|
|
Successful testing has been done for GRE encapsulation with Cisco routers
|
|
and NetBSD boxes as remote and with Cisco routers and Linux 2.0.35 for
|
|
IPIP encapsulation.
|
|
|
|
The files:
|
|
|
|
net/if_gre.[ch] : output interface, encapsulates packets.
|
|
netinet/ip_gre.[ch]: input part, deencapsulates packets. Is IP only
|
|
at the moment and only supports GRE without options.
|
|
netinet/in.h : Addition of IPPROTO_GRE
|
|
netinet/in_proto.c : Addition of protocol switch for GRE , additional
|
|
protocol switch for IPIP, when MROUTING is not
|
|
defined.
|
|
conf/files : mention new files for GRE
|
|
greconfig.c : Utility to set/display tunnel endpoints / mode.
|
|
greconfig.8 : Manpage for greconfig.
|
|
gre.4 : Documentation of driver plus example.
|
|
|
|
|
|
Installation:
|
|
|
|
On NetBSD: add "pseudo-device gre <n>"
|
|
to your kernel config file with <n> being the number of tunnel interfaces
|
|
you want. Then recompile and install the new kernel.
|
|
|
|
Also compile greconfig.c: cc -o greconfig greconfig.c
|
|
Grectl is used to set/display tunnel endpoints. In case when IP is
|
|
encapsulated, this is not needed, but e.g. in the AppleTalk over IP
|
|
case.
|
|
|
|
Todos/Bugs:
|
|
Support other protocols for encapsulation
|
|
|
|
The compute_route() code in if_gre.c toggles the last bit of the
|
|
IP-address to provoke the search for a less specific route than the
|
|
one directly over the tunnel to prevent loops. This is possibly not
|
|
the best solution.
|
|
|
|
GRE RFC not yet fully implemented (no GRE options), no other protocols
|
|
yet than IP over IP.
|
|
RFC 2003 also not yet fully supported wrt. options etc.
|
|
|
|
Code quality is surely not best and possibly not near anything like KNF
|
|
|
|
Traceroute does not work yet over the tunnel :(
|
|
|
|
BPF does probably not yet work (it might, but last time I looked,
|
|
it bombed, so I #if 0'd it out). And also only in outgoing
|
|
direction.
|
|
|
|
---------------------------------------------------------------------------
|
|
|
|
(1) tunnels that end on a mrouted have tunnel mode DVMRP set
|
|
|