{"id":3377,"date":"2018-12-10T10:09:01","date_gmt":"2018-12-10T10:09:01","guid":{"rendered":"https:\/\/tst-amo.net.ua\/blog\/?p=3377"},"modified":"2018-12-10T10:19:44","modified_gmt":"2018-12-10T10:19:44","slug":"ipip","status":"publish","type":"post","link":"https:\/\/tst-amo.net.ua\/blog\/?p=3377","title":{"rendered":"IPIP"},"content":{"rendered":"<p>\u0414\u0432\u0430 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 (Net-R0 \u0438 Net-R2) \u043d\u0430 \u0431\u0430\u0437\u0435 Linux CentOS 7 \u0441 \u0442\u0430\u043a\u0438\u043c\u0438 \u0432\u0432\u043e\u0434\u043d\u044b\u043c\u0438:<\/p>\n<p><strong>Net-R0:<\/strong><\/p>\n<pre>WAN enp0s3 192.168.113.63\r\nLAN enp0s8 10.0.0.1<\/pre>\n<p><strong>Net-R2:<\/strong><\/p>\n<pre>WAN enp0s3 192.168.113.65\r\nLAN enp0s8 172.16.8.1\r\n<\/pre>\n<p>\u041f\u043e\u0434\u043d\u044f\u0442\u044c \u0442\u043e\u043d\u0435\u043b\u044c \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0441\u0435\u0442\u044f\u043c.<\/p>\n<pre>#\u00a0sysctl net.ipv4.ip_forward=1<\/pre>\n<h4>Net-R0:<\/h4>\n<pre>[root@Net-R0 network-scripts]# cat ifcfg-ipip1\r\nDEVICE=tun0\r\nBOOTPROTO=none\r\nONBOOT=no\r\nTYPE=IPIP\r\n\r\n## Addr Srv Net-R0\r\nMY_OUTER_IPADDR=192.168.113.63\r\nMY_INNER_IPADDR=172.17.254.1\r\n\r\nPEER_OUTER_IPADDR=192.168.113.65\r\nPEER_INNER_IPADDR=172.17.254.2<\/pre>\n<h4>Net-R2:<\/h4>\n<pre>[root@Net-R2 network-scripts]# cat ifcfg-ipip1\r\nDEVICE=tun0\r\nBOOTPROTO=none\r\nONBOOT=no\r\nTYPE=IPIP\r\n\r\n## Addr Srv Net-R2\r\nMY_OUTER_IPADDR=192.168.113.65\r\n## Addr Srv in a tonnel\r\nMY_INNER_IPADDR=172.17.254.2\r\n\r\n# Addr Peer (other side Net-R0)\r\nPEER_OUTER_IPADDR=192.168.113.63\r\nPEER_INNER_IPADDR=172.17.254.1<\/pre>\n<p>\u0422\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0438\u043c IPIP \u043f\u0430\u043a\u0435\u0442\u044b. \u0412\u0438\u0434\u043d\u043e, \u0447\u0442\u043e \u043f\u0430\u043a\u0435\u0442\u044b IPIP \u044d\u043d\u043a\u0430\u043f\u0441\u0443\u043b\u0438\u0440\u0443\u044e\u0442 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a\u00a0IP (192.168.113.65 &gt; 192.168.113.63) \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 IP \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a (172.17.254.2 &gt; 10.0.0.1).<\/p>\n<pre>[root@Net-R2]# ping 10.0.0.1 -c2\r\nPING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.\r\n64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.863 ms\r\n64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.522 ms<\/pre>\n<pre>[root@Net-R0]# tcpdump -vvnneSs 0 -i any port not ssh\r\ntcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes\r\n04:55:26.814714 In 08:00:27:5b:03:19 ethertype IPv4 (0x0800), length 120: (tos 0x0, ttl 64, id 12468, offset 0, flags [DF], proto <span style=\"color: #ff0000;\">IPIP<\/span> (4), length 104)\r\n    192.168.113.65 &gt; 192.168.113.63: (tos 0x0, ttl 64, id 31918, offset 0, flags [DF], proto ICMP (1), length 84)\r\n    172.17.254.2 &gt; 10.0.0.1: ICMP echo request, id 25063, seq 1, length 64\r\n04:55:26.814828 In ethertype IPv4 (0x0800), length 100: (tos 0x0, ttl 64, id 31918, offset 0, flags [DF], proto ICMP (1), length 84)\r\n    172.17.254.2 &gt; 10.0.0.1: ICMP echo request, id 25063, seq 1, length 64\r\n04:55:26.814877 Out ethertype IPv4 (0x0800), length 100: (tos 0x0, ttl 64, id 22476, offset 0, flags [none], proto ICMP (1), length 84)\r\n    10.0.0.1 &gt; 172.17.254.2: ICMP echo reply, id 25063, seq 1, length 64\r\n04:55:26.814886 Out 08:00:27:5c:5e:08 ethertype IPv4 (0x0800), length 120: (tos 0x0, ttl 64, id 63103, offset 0, flags [DF], proto IPIP (4), length 104)\r\n    192.168.113.63 &gt; 192.168.113.65: (tos 0x0, ttl 64, id 22476, offset 0, flags [none], proto ICMP (1), length 84)\r\n    10.0.0.1 &gt; 172.17.254.2: ICMP echo reply, id 25063, seq 1, length 64\r\n\r\n\r\n<\/pre>\n<p>&nbsp;<\/p>\n<div class=\"pdfprnt-buttons pdfprnt-buttons-post pdfprnt-bottom-right\"><a href=\"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=wpv2posts3377&print=pdf\" class=\"pdfprnt-button pdfprnt-button-pdf\" target=\"_blank\"><img decoding=\"async\" src=\"https:\/\/tst-amo.net.ua\/blog\/wp-content\/plugins\/pdf-print\/images\/pdf.png\" alt=\"image_pdf\" title=\"View PDF\" \/><\/a><a href=\"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=wpv2posts3377&print=print\" class=\"pdfprnt-button pdfprnt-button-print\" target=\"_blank\"><img decoding=\"async\" src=\"https:\/\/tst-amo.net.ua\/blog\/wp-content\/plugins\/pdf-print\/images\/print.png\" alt=\"image_print\" title=\"Print Content\" \/><\/a><\/div>","protected":false},"excerpt":{"rendered":"<p>\u0414\u0432\u0430 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430 (Net-R0 \u0438 Net-R2) \u043d\u0430 \u0431\u0430\u0437\u0435 Linux CentOS 7 \u0441 \u0442\u0430\u043a\u0438\u043c\u0438 \u0432\u0432\u043e\u0434\u043d\u044b\u043c\u0438: Net-R0: WAN enp0s3 192.168.113.63 LAN enp0s8 10.0.0.1 Net-R2: WAN enp0s3 192.168.113.65 LAN enp0s8 172.16.8.1 \u041f\u043e\u0434\u043d\u044f\u0442\u044c \u0442\u043e\u043d\u0435\u043b\u044c \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0441\u0435\u0442\u044f\u043c. #\u00a0sysctl net.ipv4.ip_forward=1 Net-R0: [root@Net-R0 network-scripts]# cat ifcfg-ipip1 DEVICE=tun0 BOOTPROTO=none ONBOOT=no TYPE=IPIP ## Addr Srv Net-R0 MY_OUTER_IPADDR=192.168.113.63 MY_INNER_IPADDR=172.17.254.1 PEER_OUTER_IPADDR=192.168.113.65 PEER_INNER_IPADDR=172.17.254.2 Net-R2: &#8230;<\/p>\n<p><a href=\"https:\/\/tst-amo.net.ua\/blog\/?p=3377\" class=\"more-link\">Continue reading &lsquo;IPIP&rsquo; &raquo;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[197,47,198],"tags":[],"class_list":["post-3377","post","type-post","status-publish","format-standard","hentry","category-ipip","category-linux","category-tunnels"],"_links":{"self":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3377"}],"collection":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3377"}],"version-history":[{"count":5,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3377\/revisions"}],"predecessor-version":[{"id":3383,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=\/wp\/v2\/posts\/3377\/revisions\/3383"}],"wp:attachment":[{"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3377"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3377"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tst-amo.net.ua\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3377"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}