Re: [44net] ipencap routing question

Sorry for my previous unreadable post, I forgot to deactivate encryption :-( Hi Lynwood, tnx for coming back, On 28.12.20 at 21:41 wrote lleachii(a)aol.com: ... I am running Debian stock 4.19.160-2 kernel. And it seems that indeed on this system the required tunnels indeed seem to be created on-demand. So since my post I've managed to set up my machine finally, by careful trying the different solutions documented in the various scripts available in the wiki and by learning about linux tunnels. But as I was trying to setup my machine the "debian way" I first had to overcome some hurdles. Specifically I was trying to set up the tunnel by using the "tunnel" stanza in /etc/network/interfaces and that requires explicit IP addresses for the endpoints. While I was experimenting with this I found out that always, even after successful ifdown of my tunnel, a single tunnel device remained. This device could not be removed by any means, once there. Further investigation leads me to believe that this is "the" device that is able to create tunnels "on the fly". (So far I have not started to read the source of the ipip driver, which I believe will be the only place where I can hope to get a definitive answer.) However then the debian way to set up things is not so straight forward any more. At least I was able to come up with a solution (somewhat of a hack, but not worse than the other scripts) by ifup-ing my net by specifying the setup using the "manual" stanza. ... Unfortunately I was not able to find some explicit information on the issue within the wikis. Would you pls be so kind and point me to the relevant article? In either case, if you are interested, here is my setup of /etc/network/interfaces: --8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<-- # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). source /etc/network/interfaces.d/* # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug enp1s0 iface enp1s0 inet dhcp auto enp2s0 iface enp2s0 inet static address <replace this with your ISP's IP> netmask <replace this with your ISP's netmask> gateway <replace this with your ISP's gateway> dns-nameservers <replace this with your ISP's name servers> auto tunl0 iface tunl0 inet manual mtu 1440 up ip addr add <your 44net assignement/32> dev $IFACE up ip tunnel change ttl 64 mode ipip $IFACE up ip link set dev $IFACE up up ip rule add to 44.0.0.0/9 table 44 priority 44 up ip rule add to 44.128.0.0/10 table 44 priority 44 up ip rule add <your 44net assignement/32> table 44 priority 45 up ip route add default dev $IFACE via 169.228.34.84 onlink table 44 up /usr/sbin/ampr-ripd -s -r -i tunl0 -t 44 -L "OE1RSA@JN88DF" down killall ampr-ripd down ip route flush table 44 down ip rule del <your 44net assignement/32> down ip rule del to 44.128.0.0/10 down ip rule del to 44.0.0.0/9 --8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<-- vy 73 de Roland, oe1rsa -- __________________________________________ _ _ | Roland Schwarz |_)(_ | | \__) | mailto:roland.schwarz@blackspace.at ________| http://www.blackspace.at