DISQUS

Thomas Anderson · 3 years ago

# ifconfig tun0 10.0.0.1 netmask 255.255.255.252 \
> pointopoint 10.0.0.1

ошибочка - должно быть так:
ifconfig tun0 10.0.0.1 netmask 255.255.255.252 \
> pointopoint 10.0.0.2

zenith · 3 years ago

У меня вот возник вопрос: как быть если число серверов больше двух? Настраивать туннели попарно? Или можно это сделать по-другому? У меня 14 подсетей :)

rcayenne · 3 years ago

For which version of FreeBSD is this example intented? I tryed it on 5.2.1 and there is no gifconfig command.

Scoundrel · 3 years ago

I've tried it in 4.X, but I think, that this command should be in 5.X and 6.X. maybe they've changed its name... Try to use Google ;-)

tunnel · 2 years ago

In 5.x and 6.x the gifconfig command is included in the ifconfig command itself as an option "tunnel".

jr · 2 years ago

Very good, I've tested just the linux part and it works fine.
MAny Thanks

Семён · 2 years ago

Народ а расскажите можно ли теперь этот IP-тунель криптовать Racoon-ом???

Алексей · 2 years ago

можно и нужно :)

Felipe Alfaro Solana · 1 year ago

Using an MTU of 1,500 on the tun0 will likely cause fragmentation issues.

Typically, Ethernet maximum frame size is 1,500 bytes. MTU reflects the maximum payload that will fit in the Layer 2 without causing fragmentation. If you use an MTU of 1,500 for tun0, your encapsulating IP datagram will likely be fragmented because you are not accounting for the overhead of the encapsulation.

When using IP-over-IP, you need to discount 20 bytes for the encapsulating IP header. This means you should use an MTU of 1,480 and not 1,500. If you want to use GRE, you also need to deduct the size of the GRE header.