Answers for "bash ip l2tp add tunnel"

0

bash ip l2tp add tunnel

$ ip l2tp add tunnel tunnel_id 10 peer_tunnel_id 20 encap ip local 192.168.1.115 remote 192.168.1.109
Posted by: Guest on July-04-2021
0

bash ip l2tp add tunnel

IP-L2TP(8)                        Linux                       IP-L2TP(8)
Posted by: Guest on July-04-2021
0

bash ip l2tp add tunnel

Setup L2TP tunnels and sessions
       site-A:# ip l2tp add tunnel tunnel_id 3000 peer_tunnel_id 4000 \
                  encap udp local 1.2.3.4 remote 5.6.7.8 \
                  udp_sport 5000 udp_dport 6000
       site-A:# ip l2tp add session tunnel_id 3000 session_id 1000 \
                  peer_session_id 2000

       site-B:# ip l2tp add tunnel tunnel_id 4000 peer_tunnel_id 3000 \
                  encap udp local 5.6.7.8 remote 1.2.3.4 \
                  udp_sport 6000 udp_dport 5000
       site-B:# ip l2tp add session tunnel_id 4000 session_id 2000 \
                  peer_session_id 1000

       site-A:# ip link set l2tpeth0 up mtu 1488

       site-B:# ip link set l2tpeth0 up mtu 1488

       Notice that the IP addresses, UDP ports and tunnel / session ids
       are matched and reversed at each site.

   Configure as IP interfaces
       The two interfaces can be configured with IP addresses if only IP
       data is to be carried. This is perhaps the simplest
       configuration.

       site-A:# ip addr add 10.42.1.1 peer 10.42.1.2 dev l2tpeth0

       site-B:# ip addr add 10.42.1.2 peer 10.42.1.1 dev l2tpeth0

       site-A:# ping 10.42.1.2

       Now the link should be usable. Add static routes as needed to
       have data sent over the new link.

   Configure as bridged interfaces
       To carry non-IP data, the L2TP network interface is added to a
       bridge instead of being assigned its own IP address, using
       standard Linux utilities. Since raw ethernet frames are then
       carried inside the tunnel, the MTU of the L2TP interfaces must be
       set to allow space for those headers.

       site-A:# ip link set l2tpeth0 up mtu 1446
       site-A:# ip link add br0 type bridge
       site-A:# ip link set l2tpeth0 master br0
       site-A:# ip link set eth0 master br0
       site-A:# ip link set br0 up

       If you are using VLANs, setup a bridge per VLAN and bridge each
       VLAN over a separate L2TP session. For example, to bridge VLAN ID
       5 on eth1 over an L2TP pseudowire:

       site-A:# ip link set l2tpeth0 up mtu 1446
       site-A:# ip link add brvlan5 type bridge
       site-A:# ip link set l2tpeth0.5 master brvlan5
       site-A:# ip link set eth1.5 master brvlan5
       site-A:# ip link set brvlan5 up

       Adding the L2TP interface to a bridge causes the bridge to
       forward traffic over the L2TP pseudowire just like it forwards
       over any other interface. The bridge learns MAC addresses of
       hosts attached to each interface and intelligently forwards
       frames from one bridge port to another. IP addresses are not
       assigned to the l2tpethN interfaces. If the bridge is correctly
       configured at both sides of the L2TP pseudowire, it should be
       possible to reach hosts in the peer's bridged network.

       When raw ethernet frames are bridged across an L2TP tunnel, large
       frames may be fragmented and forwarded as individual IP fragments
       to the recipient, depending on the MTU of the physical interface
       used by the tunnel. When the ethernet frames carry protocols
       which are reassembled by the recipient, like IP, this isn't a
       problem. However, such fragmentation can cause problems for
       protocols like PPPoE where the recipient expects to receive
       ethernet frames exactly as transmitted. In such cases, it is
       important that frames leaving the tunnel are reassembled back
       into a single frame before being forwarded on. To do so, enable
       netfilter connection tracking (conntrack) or manually load the
       Linux netfilter defrag modules at each tunnel endpoint.

       site-A:# modprobe nf_defrag_ipv4

       site-B:# modprobe nf_defrag_ipv4

       If L2TP is being used over IPv6, use the IPv6 defrag module.
Posted by: Guest on July-04-2021

Code answers related to "Shell/Bash"

Browse Popular Code Answers by Language