1

I have a VPS with an external IP say 40.40.40.40 and trying to create IPIP tunnel to it. Here is what I tried:

#create interface megatun0 to tunnel traffic through the host 40.40.40.40.
sudo ip tunnel add megatun0 mode ipip remote 40.40.40.40 local 192.168.15.1

#set local address of the megatun0 interface
sudo ip address add 192.168.15.2 dev megatun0

#turn it on
sudo ip link set dev megatun0 up

#add a route to the routing table
sudo ip route add 192.168.15.0/24 dev megatun0

So I expect the IP packets routed through 192.168.15.0/24 dev megatun0 scope link are redirected to the 40.40.40.40 via IP tunnel. But when doing ping 192.168.15.1 and capturing tcpdump on the laptop as follows:

$ sudo tcpdump -vv -n proto \\icmp

I don't even see ICMP packets are being sent to the VPS. But what I do see is that TX errors on the megatun0 interface are getting increased:

megatun0: flags=209<UP,POINTOPOINT,RUNNING,NOARP>  mtu 1480
        inet 192.168.15.2  netmask 255.255.255.255  destination 192.168.15.2
        inet6 fe80::5efe:c0a8:f01  prefixlen 64  scopeid 0x20<link>
        tunnel   txqueuelen 1000  (IPIP Tunnel)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 115  dropped 0 overruns 0  carrier 115  collisions 0

I expected that IPIP tunnel packets are received on the VPS side and just dropped because it's not known what to do with them. But they aren't even sent.

What did I do wrong and how to fix it?

Improve this question
0

1 Answer 1

Reset to default
1

I misunderstood the documentation. The tunnel's remote and local parameters should be IP addresses accessible from both sides. And besides the local should be exactly the address of some network interface. Here is what man ip-tunnel mentions regarding local:

local ADDRESS
                 set the fixed local address for tunneled packets.
                 It must be an address on another interface of this
                 host.

So providing that my laptop's external IP attached to eth0 is 50.50.50.50 here is the correct tunnel setup:

sudo ip tunnel add megatun0 mode ipip remote 40.40.40.40 local 50.50.50.50
Improve this answer
1
  • Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.
    – Community Bot
    Commented Jun 12, 2023 at 12:46

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .