SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 

MAN page from openSUSE Tumbleweed wicked-0.6.45-1.1.i586.rpm

IFCFG-TUNNEL

Section: Network configuration (5)
Updated: August 2004
Index

 

NAME

ifcfg-tunnel - network tunnel interface configuration 

SYNOPSIS

/etc/sysconfig/network/ifcfg-gre*
/etc/sysconfig/network/ifcfg-ipip*
/etc/sysconfig/network/ifcfg-sit*

/etc/sysconfig/network/ifcfg-tun*
/etc/sysconfig/network/ifcfg-tap*

 

Tunnel interfaces

It is possible to create static IP tunnel interfaces for three differentprotocols:
SIT
IPv6 over IPv4 tunnel
GRE
universal IPv4 tunnel
IPIP
IPv4 over IPv4 tunnel

Additionally, creation of user space program driven tunnels usingthe universal TUN/TAP device driver is supported:

TAP
Ethernet tunnel interface
TUN
Point-to-Point IP tunnel interface

Since there is not yet YaST2 support for creating tunnels one mustwrite appropriate config files by hand for now.

 

VARIABLES

These variables can used in ip tunnel config files:
TUNNEL
Here you have to set the tunnel protocol. This may be "sit" for IPv6 over IPv4tunnel, "gre" for universal IPv4 tunnel, "ipip" for IPv4 over IPv4 tunnel and"tap" or "tun" for the user space program driven tunnels.
TUNNEL_LOCAL_IPADDR
The address of the local tunnel's end must be directly specified inTUNNEL_LOCAL_IPADDRvariable. The address must be present on an existing interface of this host.
TUNNEL_REMOTE_IPADDR
The address of the remote tunnel's end.
TUNNEL_DEVICE
Permits to specify an optional device name, to bind the tunnel to the device,so that tunneled packets will only be routed via this device and will not beable to escape to usable routes available on another devices.
TUNNEL_TTL
Specify theTime To Lifeof the packet which carries the tunneled data. Usually it is set to 64 but insome circumstances you may want do use something else between 1 and 255. If notexplicitly set, the TTL is copied from the inner (tunneled) packet.
TUNNEL_TOS
Specify theType of Serviceof the packet which carries the tunneled data.
TUNNEL_PMTUDISC
Enable or disable thePath MTU Discoveryon this tunnel. PMTU discovery is disabled by default. Note that a fixed TTL isincompatible with this option: tunnelling with a fixed TTL always makes PMTUdiscovery.
TUNNEL_GRE_FLAGS <iseq | oseq | icsum | ocsum>
Permits to specify a space separated list of flags to enable sequencing andchecksums for incomming and outgoing tunneled packets.
TUNNEL_GRE_IKEY <key>
TUNNEL_GRE_OKEY <key>
Permits to use of keyed GRE using the specified key for incomming and outgoingtunneled packets in IPv4 dotted quad IP address notation or as a number.
SIT_ISATAP
Applicable only to SIT tunnels. Enable or disable this variable to controlwhether the SIT tunnel utilizes Intra-Site Automatic Tunnel Addressing Protocol.By default this option is disabled.
TUNNEL_SET_OWNER and TUNNEL_SET_GROUPAllows to set the owner and group (by name or UID/GID) for persistenttun/tap interfaces.
 

Examples for tunnel configurations

These are some generic examples for different tunnel types. Replace the shownaddresses and interface names by your individual ones. As configuration namesyou may choose the interface names.
GRE and IPIP tunnels
Create a GRE tunnel between a local computer with IP address 192.168.1.2and a remote computer with IP address 172.16.2.3. After the tunnel iscreated assign an IP address 10.20.30.40 to it's local end. Default filename:ifcfg-gre1
   STARTMODE='onboot'   BOOTPROTO='static'   TUNNEL='gre'   TUNNEL_LOCAL_IPADDR='192.168.1.2'   TUNNEL_REMOTE_IPADDR='172.16.2.3'   IPADDR='10.20.30.40'   TUNNEL_TTL='64'
IPIP tunnels are created in exactly the same way, except that the variableTUNNELhas to be set to "ipip". Use filenameifcfg-tunl1in this case.
SIT tunnels for IPv6 over IPv4
StaticSIT tunnels are currently supported.To create a "static" tunnel one needs to know an IPv4 address of the remote end.The following example also assigns the local IPv6 address 3ffe:ffff::1234/64:ifcfg-sit1
   STARTMODE='onboot'   BOOTPROTO='static'   TUNNEL='sit'   TUNNEL_LOCAL_IPADDR='192.168.1.2'   TUNNEL_REMOTE_IPADDR='172.16.2.3'   IPADDR='3ffe:ffff::1234/64'   TUNNEL_TTL='64'
Universal TUN/TAP tunnels
The universal TUN/TAP kernel driver provides an interface for userspace programs to operate a tunnel. There are two modes in whichthe interface can be created:
  TUN (a Point-to-Point interface using local and remote IP) or  TAP (like normal ethernet interface, e.g. for use in bridges).

The following configuration allows to create the interfacespersistently:

ifcfg-tap0

   STARTMODE='onboot'   BOOTPROTO='static'   TUNNEL='tap'   TUNNEL_SET_OWNER='username'   TUNNEL_SET_GROUP='groupname'

ifcfg-tun0

   STARTMODE='onboot'   BOOTPROTO='static'   TUNNEL='tun'   TUNNEL_SET_OWNER='username'   TUNNEL_SET_GROUP='groupname'

The user space program can be started later. TheTUNNEL_SET_OWNER and TUNNEL_SET_GROUP settings allow to runthe user space program with an different UID/GID than 0 (root).When not specified, the user space program has to run with UID 0.

 

COPYRIGHT

Copyright (C) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. 

BUGS

Please report bugs at <https://bugzilla.novell.com/index.cgi> 

AUTHORS

Michal Ludvig -- original tunnel man pageKarol Mroz -- wicked
 

SEE ALSO

ifcfg(5).

 

Index

NAME
SYNOPSIS
Tunnel interfaces
VARIABLES
Examples for tunnel configurations
COPYRIGHT
BUGS
AUTHORS
SEE ALSO
This document was created byman2html,using the manual pages.