gdb - Local mods (compile)

[dragonfly.git] / share / man / man4 / gre.4

.\" $NetBSD: gre.4,v 1.28 2002/06/10 02:49:35 itojun Exp $
.\"
.\" Copyright 1998 (c) The NetBSD Foundation, Inc.
.\" All rights reserved.
.\"
.\" This code is derived from software contributed to The NetBSD Foundation
.\" by Heiko W.Rupp <hwr@pilhuhn.de>
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\"    must display the following acknowledgement:
.\"     This product includes software developed by the NetBSD
.\"	Foundation, Inc. and its contributors.
.\" 4. Neither the name of the The NetBSD Foundation nor the names of its
.\"    contributors may be used to endorse or promote products derived
.\"    from this software without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
.\" TO, THE  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $FreeBSD: src/share/man/man4/gre.4,v 1.7 2006/10/19 07:41:47 danger Exp $
.\"
.Dd November 11, 2007
.Dt GRE 4
.Os
.Sh NAME
.Nm gre
.Nd encapsulating network device
.Sh SYNOPSIS
To compile this driver into the kernel, place the following line
in the kernel configuration file:
.Bd -ragged -offset indent
.Cd "pseudo-device gre"
.Ed
.Pp
Alternatively, to load this driver as a module at boot time,
place the following line in
.Xr loader.conf 5 :
.Bd -literal -offset indent
if_gre_load="YES"
.Ed
.Sh DESCRIPTION
The
.Nm
network interface pseudo device encapsulates datagrams
into IP.
These encapsulated datagrams are routed to a destination host,
where they are decapsulated and further routed to their final destination.
The
.Dq tunnel
appears to the inner datagrams as one hop.
.Pp
.Nm
interfaces are dynamically created and destroyed with the
.Xr ifconfig 8
.Cm create
and
.Cm destroy
subcommands.
.Pp
This driver currently supports the following modes of operation:
.Bl -tag -width indent
.It "GRE encapsulation (IP protocol number 47)"
Encapsulated datagrams are
prepended an outer datagram and a GRE header.
The GRE header specifies
the type of the encapsulated datagram and thus allows for tunneling other
protocols than IP.
GRE mode is also the default tunnel mode on Cisco routers.
This is also the default mode of operation of the
.Nm
interfaces.
.\"As part of the GRE mode,
.\".Nm
.\"also supports Cisco WCCP protocol, both version 1 and version 2.
.\"Since there is no reliable way to distinguish between WCCP versions, it
.\"should be configured manually using the
.\".Cm link2
.\"flag.
.\"If the
.\".Cm link2
.\"flag is not set (default), then WCCP version 1 is selected.
.It "MOBILE encapsulation (IP protocol number 55)"
Datagrams are
encapsulated into IP, but with a shorter encapsulation.
The original
IP header is modified and the modifications are inserted between the
so modified header and the original payload.
Like
.Xr gif 4 ,
only for IP-in-IP encapsulation.
.El
.Pp
The
.Nm
interfaces support a number of
.Xr ioctl 2 Ns s ,
such as:
.Bl -tag -width ".Dv GRESADDRS"
.It Dv GRESADDRS
Set the IP address of the local tunnel end.
This is the source address
set by or displayed by
.Xr ifconfig 8
for the
.Nm
interface.
.It Dv GRESADDRD
Set the IP address of the remote tunnel end.
This is the destination address
set by or displayed by
.Xr ifconfig 8
for the
.Nm
interface.
.It Dv GREGADDRS
Query the IP address that is set for the local tunnel end.
This is the
address the encapsulation header carries as local address (i.e., the real
address of the tunnel start point).
.It Dv GREGADDRD
Query the IP address that is set for the remote tunnel end.
This is the
address the encapsulated packets are sent to (i.e., the real address of
the remote tunnel endpoint).
.It Dv GRESPROTO
Set the operation mode to the specified IP protocol value.
The
protocol is passed to the interface in
.Po Vt "struct ifreq" Pc Ns Li -> Ns Va ifr_flags .
The operation mode can also be given as
.Pp
.Bl -tag -width ".Cm -link0" -compact
.It Cm link0
.Dv IPPROTO_GRE
.It Cm -link0
.Dv IPPROTO_MOBILE
.El
.Pp
to
.Xr ifconfig 8 .
.Pp
The
.Cm link1
flag is not used to choose encapsulation, but to modify the
internal route search for the remote tunnel endpoint, see the
.Sx BUGS
section below.
.It Dv GREGPROTO
Query operation mode.
.El
.Pp
Note that the IP addresses of the tunnel endpoints may be the same as the
ones defined with
.Xr ifconfig 8
for the interface (as if IP is encapsulated), but need not be.
.Sh EXAMPLES
Configuration example:
.Bd -literal
Host X-- Host A  ----------------tunnel---------- Cisco D------Host E
          \\                                          |
           \\                                        /
            +------Host B----------Host C----------+
.Ed
.Pp
On host A
.Pq Dx :
.Bd -literal -offset indent
route add default B
ifconfig greN create
ifconfig greN A D netmask 0xffffffff linkX up
ifconfig greN tunnel A D
route add E D
.Ed
.Pp
On Host D (Cisco):
.Bd -literal -offset indent
Interface TunnelX
 ip unnumbered D   ! e.g. address from Ethernet interface
 tunnel source D   ! e.g. address from Ethernet interface
 tunnel destination A
ip route C <some interface and mask>
ip route A mask C
ip route X mask tunnelX
.Ed
.Pp
OR
.Pp
On Host D
.Pq Dx :
.Bd -literal -offset indent
route add default C
ifconfig greN create
ifconfig greN D A
ifconfig greN tunnel D A
.Ed
.Pp
If all goes well, you should see packets flowing ;-)
.Pp
If you want to reach Host A over the tunnel (from Host D (Cisco)), then
you have to have an alias on Host A for e.g.\& the Ethernet interface like:
.Pp
.Dl "ifconfig <etherif> alias Y"
.Pp
and on the Cisco:
.Pp
.Dl "ip route Y mask tunnelX"
.Pp
A similar setup can be used to create a link between two private networks
(for example in the 192.168 subnet) over the Internet:
.Bd -literal
192.168.1.* --- Router A  -------tunnel-------- Router B --- 192.168.2.*
                   \\                              /
                    \\                            /
                     +------ the Internet ------+
.Ed
.Pp
Assuming router A has the (external) IP address A and the internal address
192.168.1.1, while router B has external address B and internal address
192.168.2.1, the following commands will configure the tunnel:
.Pp
On router A:
.Bd -literal -offset indent
ifconfig greN create
ifconfig greN 192.168.1.1 192.168.2.1 link1
ifconfig greN tunnel A B
route add -net 192.168.2 -netmask 255.255.255.0 192.168.2.1
.Ed
.Pp
On router B:
.Bd -literal -offset indent
ifconfig greN create
ifconfig greN 192.168.2.1 192.168.1.1 link1
ifconfig greN tunnel B A
route add -net 192.168.1 -netmask 255.255.255.0 192.168.1.1
.Ed
.Pp
Note that this is a safe situation where the
.Cm link1
flag (as discussed in the
.Sx BUGS
section below) may (and probably should) be set.
.Sh NOTES
The MTU of
.Nm
interfaces is set to 1476 by default, to match the value used by Cisco routers.
This may not be an optimal value, depending on the link between the two tunnel
endpoints.
It can be adjusted via
.Xr ifconfig 8 .
.Pp
For correct operation, the
.Nm
device needs a route to the destination that is less specific than the
one over the tunnel.
(Basically, there needs to be a route to the decapsulating host that
does not run over the tunnel, as this would be a loop.)
If the addresses are ambiguous, doing the
.Nm ifconfig Cm tunnel
step before the
.Xr ifconfig 8
call to set the
.Nm
IP addresses will help to find a route outside the tunnel.
.Pp
In order to tell
.Xr ifconfig 8
to actually mark the interface as
.Dq up ,
the keyword
.Cm up
must be given last on its command line.
.Pp
The kernel must be set to forward datagrams by setting the
.Va net.inet.ip.forwarding
.Xr sysctl 8
variable to non-zero.
.Sh SEE ALSO
.Xr gif 4 ,
.Xr inet 4 ,
.Xr ip 4 ,
.Xr netintro 4 ,
.Xr protocols 5 ,
.Xr ifconfig 8 ,
.Xr sysctl 8
.Pp
A description of GRE encapsulation can be found in RFC 1701 and RFC 1702.
.Pp
A description of MOBILE encapsulation can be found in RFC 2004.
.Sh AUTHORS
.An Heiko W. Rupp Aq Mt hwr@pilhuhn.de
.Sh BUGS
The
.Fn gre_compute_route
code in
.Pa if_gre.c
toggles the last bit of the
IP-address to provoke the search for a less specific route than the
one directly over the tunnel to prevent loops.
This is possibly not the best solution.
.Pp
To avoid the address munging described above, turn on the
.Cm link1
flag on the
.Xr ifconfig 8
command line.
This implies that the GRE packet destination and the ifconfig remote host
are not the same IP addresses, and that the GRE destination does not route
over the
.Nm
interface itself.
.Pp
The GRE RFCs are not yet fully implemented (no GRE options).