ifconfig tunl1 10.0.0.1 pointopoint 22.214.171.124to create tunnel. It does not work in 2.2.0!
A: You are right, it does not work. The command written above is split to two commands.
ip tunnel add MY-TUNNEL mode ipip remote 126.96.36.199will create tunnel device with name
MY-TUNNEL. Now you may configure it with:
ifconfig MY-TUNNEL 10.0.0.1Certainly, if you prefer name
MY-TUNNEL, you still may use it.
ifconfig tunl0 10.0.0.1 route add -net 10.0.0.0 gw 188.8.131.52 dev tunl0to tunnel net 10.0.0.0 via router 184.108.40.206. It does not work in 2.2.0! Moreover,
routeprints a funny error sort of ``network unreachable'' and after this I found a strange direct route to 10.0.0.0 via
tunl0in routing table.
A: Yes, in 2.2 the rule that normal gateway must reside on directly connected network has not any exceptions. You may tell kernel, that this particular route is abnormal:
ifconfig tunl0 10.0.0.1 netmask 255.255.255.255 ip route add 10.0.0.0/8 via 220.127.116.11 dev tunl0 onlinkNote keyword
onlink, it is the magic key that orders kernel not to check for consistency of gateway address. Probably, after this explanation you have already guessed another method to cheat kernel:
ifconfig tunl0 10.0.0.1 netmask 255.255.255.255 route add -host 18.104.22.168 dev tunl0 route add -net 10.0.0.0 netmask 255.0.0.0 gw 22.214.171.124 route del -host 126.96.36.199 dev tunl0Well, if you like such tricks, nobody may prohibit you to use them. Only do not forget that between
route delhost 188.8.131.52 is unreachable.
tunneldevice module and
ipipmodule. I cannot find any
A: Linux-2.2 has single module
ipip for both directions of tunneling
and for all IPIP tunnel devices.
traceroutedoes not work over tunnel! Well, stop... It works, only skips some number of hops.
A: Yes. By default tunnel driver copies
ttl value from
inner packet to outer one. It means that path traversed by tunneled
packets to another endpoint is not hidden. If you dislike this, or if you
are going to use some routing protocol expecting that packets
with ttl 1 will reach peering host (f.e. RIP, OSPF or EBGP)
and you are not afraid of
tunnel loops, you may append option
ttl 64, when creating tunnel
ip tunnel add.