• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

multiple address gre0

Riccardo_Ricci

New Member


Messages: 4

#1
Hi to all!!! I need some help to configure my 3 servers... The three servers have public IP, and I need to see them via a private IP located in 172.20.x.x. I configured a gre(4) interface on servers 1 and 2 to tunnel (and I need help for Server 3).

On server1:
Code:
gre0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1476
   options=80000<LINKSTATE>
   tunnel inet a.b.c.d --> e.f.g.h
   inet 172.20.1.1 --> 172.20.1.2  netmask 0xffffff00
   nd6 options=4b<PERFORMNUD,ACCEPT_RTADV,IFDISABLED,NO_RADR>
   groups: gre
On server2:
Code:
gre0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1476
   options=80000<LINKSTATE>
   tunnel inet e.f.g.h --> a.b.c.d
   inet 172.20.1.2 --> 172.20.1.1  netmask 0xffffff00
   nd6 options=b<PERFORMNUD,ACCEPT_RTADV,IFDISABLED>
   groups: gre
1 and 2 can communicate via the tunnel...

On server3 I need a configuration like:
Code:
gre0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1476
   options=80000<LINKSTATE>
   tunnel inet i.j.k.l --> a.b.c.d
   inet 172.20.1.3 --> 172.20.1.1  netmask 0xffffff00
   nd6 options=4b<PERFORMNUD,ACCEPT_RTADV,IFDISABLED,NO_RADR>
   groups: gre
(2 and 3 have to be isolated from each other). But the server1 cannot accept... Any suggestion? Can I create an alias on server1 with same IP and different endpoint? Thanks to all.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 6,098
Messages: 26,991

#2
Use a circular configuration, with each server having two distinct gre(4) interfaces.

Code:
srv1 -> srv2 ; srv2 -> srv3 ; srv3 -> srv1
Note however that gre(4) tunnels don't use authentication or encryption. You may want to use IPSec or OpenVPN instead.
 

Riccardo_Ricci

New Member


Messages: 4

#3
Use a circular configuration, with each server having two distinct gre(4) interfaces.

Code:
srv1 -> srv2 ; srv2 -> srv3 ; srv3 -> srv1
Note however that gre(4) tunnels don't use authentication or encryption. You may want to use IPSec or OpenVPN instead.

The real state should be:
Code:
srv2 -------> srv1
srv3 -------> srv1
But srv must be 172.20.1.1 for both
 

Riccardo_Ricci

New Member


Messages: 4

#4
It Works!!!
The virtual interface, with mask /32, can have the same IP and different endpoints...

Code:
gre0
   tunnel inet a.b.c.d --> e.f.g.h
   inet 172.20.1.1 --> 172.20.1.2  netmask 0xffffffff

gre1
   tunnel inet a.b.c.d --> i.j.k.l
   inet 172.20.1.1 --> 172.20.1.3  netmask 0xffffffff
 
Top