Thursday, June 27, 2013

How can I allow IP protocol 47 (GRE) via iptables to connect a GRE GW?

Topology:
GRE GW1 ----- Switch -----(eth0)Linux NAT Router(eth1) ----- Switch ----- GRE GW2

To forward IP protocol 47 (GRE) to the GRE GW, configure the NAT Router as follows:
# iptables -t nat -A PREROUTING -i eth0 -p gre -j DNAT --to-destination 10.10.2.186
Where 10.10.2.186 is GRE GW2's IP.
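
The DNAT rule above matches GRE arriving on eth0 from any source. As an added example (not from the original post), this script prints, or with APPLY=1 applies, the same forwarding scoped to one peer, and includes a check that flags unscoped GRE DNAT rules in iptables-save output. It assumes 192.168.0.1 is GRE GW1's address and that eth1 faces GRE GW2; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Dry-run by default: commands are
# printed. Set APPLY=1 and run as root to execute them.

# Assumptions, override through the environment:
PEER_IP="${PEER_IP:-192.168.0.1}"   # assumed to be GRE GW1 (the tunnel "remote" in the post)
GW2_IP="${GW2_IP:-10.10.2.186}"     # GRE GW2, from the post
WAN_IF="${WAN_IF:-eth0}"            # router interface facing GRE GW1
LAN_IF="${LAN_IF:-eth1}"            # router interface facing GRE GW2

# Print the command in dry-run mode, execute it when APPLY=1.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

# Emit (or apply) GRE forwarding limited to a single known peer.
gre_nat_rules() {
    peer=$1 gw=$2 wan=$3 lan=$4
    # The router has to forward packets at all.
    run sysctl -w net.ipv4.ip_forward=1
    # DNAT only GRE that arrives from the known peer, not from any source.
    run iptables -t nat -A PREROUTING -i "$wan" -s "$peer" -p gre \
        -j DNAT --to-destination "$gw"
    # Permit the translated flow through the filter table in both directions.
    run iptables -A FORWARD -i "$wan" -o "$lan" -s "$peer" -d "$gw" -p gre -j ACCEPT
    run iptables -A FORWARD -i "$lan" -o "$wan" -s "$gw" -d "$peer" -p gre -j ACCEPT
}

# Read iptables-save output on stdin and list GRE DNAT rules with no -s match.
unscoped_gre_dnat() {
    grep -E -- '-p (gre|47) ' | grep -- '-j DNAT' | grep -v -E -- ' -s [0-9]' || true
}

gre_nat_rules "$PEER_IP" "$GW2_IP" "$WAN_IF" "$LAN_IF"
```

To audit a live router, run `iptables-save -t nat | unscoped_gre_dnat` as root; any line it prints is a GRE DNAT rule that accepts every source.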


To configure L2oGRE (Layer 2 over GRE) on Linux:
# modprobe ip_gre
# ip link add link gre0 name tunnel0 type gretap remote 192.168.0.1 local 10.10.2.186
# ip link set tunnel0 up
# brctl addbr br0
# ip link set br0 up
# ip link set eth2 up
# brctl addif br0 tunnel0
# brctl addif br0 eth2