Re: [44net] GRE tunnels

4 Dec 2020


      Thanks Bryan,
Looks like it will be the solution for my small sites. 
Do you confirm that if I set this up for a /29 they will have 6 address available cause they will use the first for the gateway and the last as the broadcast address of the /29?
Do you set a DHCP server at the remote site usually?
Got a good How-to for a debian machine for the setup?
Pierre 
Ve2pf
________________________________________
De : 44Net 44net-bounces+petem001=hotmail.com@mailman.ampr.org de la part de Bryan Fields via 44Net 44net@mailman.ampr.org
Envoyé : 4 décembre 2020 13:55
À : 44net@mailman.ampr.org
Cc : Bryan Fields
Objet : Re: [44net] GRE tunnels
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 12/4/20 12:00 PM, pete M via 44Net wrote:
...
Anyone been playing with GRE tunneling?
Yes, this is a service I offer to anyone wanting to have a /29-/26 of the
space I have, or they can bring their own and I'll announce it.  I do this for
two people now.
...
I am looking at that solution to bring part of my /24 to sites where I have
multiple machine that each need a 44 address. GRE have no encryption, it is
only an encapsulation of a Layer 2 packet. This lower the actual possible
MTU size lowering the throughput slightly.
You want TCP-MSS clamping to fix this MTU issue when dealing with sites that
block PMTUD.
...
But it is an easy way to connect a site to the VPS.  At the same time, we
dont need encryption as all the data that are passing into that tunnel is
supposed to be ok to route on the internet. and if they contain special
thing they should already be encrypted with tls/ssl or other mean of
securing the connection.
I take the position that it's ham radio, I don't mess with IPSEC, just run GRE
directly on the connection.
...
Anyone have experience with this?
I use a cisco or linux box to do it.  Super simple.
Cisco config below:
interface Tunnel73
 description TUNNEL TO XXXXXX
 ip address 44.98.444.444 255.255.255.254
 ip router isis
 ip nat outside
 ip virtual-reassembly in
 ip tcp adjust-mss 1436
 clns mtu 1500
 tunnel source vlan50
 tunnel destination 69.69.69.69
73s
- --
Bryan Fields
727-409-1194 - Voice
http://bryanfields.net
...PGP SIGNATURE...
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEaESdNosUjpjcN/JhYTmgYVLGkUAFAl/KhgEACgkQYTmgYVLG
kUDMhRAAp9Je6Ib5VvGJpPsIy8cQktTRMQrhaMyvZ2Pi1SUre+97+/BTaLJmMMYR
4pRGSRNi/9pjuoKa9fzfPkGH7yrrizvL4oCwUWWNYK4H7OFVLxoWG92eb7agVGhH
pMOEuIYhywVP1cpxVIikemtHYbNC3Ci84H585EhZzlg8QU/8Zi2LBy1wwtO3CE6P
ii9A+Uw8SsZBeQ4OcNL5kdtNRiosynmzSKBqh0LCWtZTlZEv4Za8qYzQHlrGI+at
33/r8IZZOZpUlwTzEb7eYEcyAm6H1nu9O//Hoc4NbHx5UWXYlUjbCf7ehdf9UxAC
sJ9tabL8OAwr4wdn6qXN89ld4UwTO5wkAH+A1b9EDCzVA9oe8SBo6ruzaBTm5vP/
ZGV+4kvJ1MN8a19SB+iAFGqIFIKddfVBIcEgtm/J8IHUbUKmsJ9NPEE1f5UnLGGl
frPrcQfSkDqv24gO4vCNYZ6XXatDtEgCphzyZ13nUtL2YkNitUO5sFkOk6jxLSgR
3rXXsL48LlenJDr64JrLHG3DgbqXUjdtfa35s88Ak91bjGt24rOt0wpBMDA7efcm
SuexJImgadw9auNf7PFv0AGLh7uY16dtFX2Z1PDMxBAffcibw2ivEbhOc6LyaxfM
3d3eUCg2NtdFTxq+H0RNLjLvvry0KsrU1kmEAMPulwmyYAInvAo=
=f/sD
-----END PGP SIGNATURE-----
_________________________________________
44Net mailing list
44Net@mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Re: [44net] GRE tunnels