IPIP Tunneling Question

From: brc@monmouth.com
Date: Fri Jan 07 2000 - 16:00:16 EST


I have been trying to establish a tunnel between
two linux boxes (v2.2.9). I have been successful, but only if I have
reciprocal tunnels on each machine configured.

I would prefer not to have the reverse tunnel established.
What follows is a description of the case where
the encapsulation does not work.

I have two boxes (Box A and Box B). I am trying to send
an IPIP encapsulated datagram from Box A to Box B. I want
packets from B to A to return unencapsulated. My assumption
is that I would not establish the tunnel device on Box B.
When the tunnel is not configured on B, tcpdump (on B) shows that
an ICMP message of protocol unreachable is returned (to A) for
the udp protocol. For a test, I tried sending a udp
packet (thus the udp protocol unreachable). When I tried with
other protocols, I received the equivalent protocol unreachable
ICMP message. BTW, these protocols work without the
IPIP encapsulation. In this situation, I have loaded the ipip
module on box B.

I think I am trying to implement triangle routing as in
Mobile IP. I have looked at some of the mobile IP implementations
on the net and I don't seem to be doing anything different. Is
my assumption correct that I do not need to establish the reverse

I looked at the ipip.c code and the function ipip_rcv
seems to requires the existence of a reciprocal tunnel on the receiver
of the ipip datagram or the Protocol Unreachable ICMP message
is sent. There is a line that checks to see if an equivalent
tunnel exists and if not the ICMP message is sent. Am I
interpreting this correctly?

Any help would be greatly appreciated.



This message was sent using MI-Webmail.
No matter where you are, never lose touch.
Get your Email using MI-Webmail.

To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu

This archive was generated by hypermail 2b29 : Sat Jan 15 2000 - 21:00:28 EST