Questions tagged [tunneling]
The tunneling tag has no usage guidance.
177
questions
0
votes
0
answers
27
views
SSH tunnel error: sys_tun_open: failed to configure tunnel (mode 1): Invalid argument
I'm trying to create a SSH tunnel between 2 Raspberry PI's both running Debian Bookworm.
I try to establish the connection using the command
sudo ssh -w0:0 <user>@<ip> -p<ssh port> ...
2
votes
0
answers
84
views
Cannot add a tunnel to /etc/network/interfaces
Note:
I already checked this question and this question. The solution of the former is not relevant to my problem and the latter does not have any answers.
I have a basic VPS from aeza.net. When I ...
- 61
2
votes
1
answer
78
views
Firefox traffic through socks-proxy SSH tunnel attempt to use IPv6 on systems where IPv6 is not supported
I need to use socks proxy in Firefox on my laptop, using ssh tunnel to server
On my laptop, I set socks proxy in firefox, and connect to server:
ssh server -D1234
When I visit any website in firefox, ...
- 558
0
votes
0
answers
7
views
How does dynamic routing stack up against multipathing/bonding techniques for a remote gateway?
I have a remote gateway to which I connect using two IKEv2 VTIs, OpenVPN, Wireshark, or a combination of these in /30 tunnels. Then create an ECMP route using OSPF (FRR) and the rest is like magic. I ...
- 311
0
votes
1
answer
240
views
Connect IPSEC VPN to network interface
I have a StrongSwan IPSEC VPN configured on my Ubuntu 22.04.4 LTS server. The VPN starts up and connects to the primary interface (eno1) successfully.
Using qBittorrent, I bind to the IP Address that ...
- 51
0
votes
0
answers
101
views
SSH tunneling over cloudflare tunnel for linux server
I need to connect to my linux server over cloudflare tunnel to protect my server. I have some user and need it for this. can every one help my?
I tried this commands:
mkdir Argo && cd Argo
...
- 1
1
vote
1
answer
120
views
Why doesn't systemd-networkd add address and peer to the tun interface?
I'm trying to create tun interface and to add address and peer to it via .netdev and .network files of systemd-networkd. I'm using Ubuntu 22.04.3 LTS and systemd 249.
I have two following ...
- 13
0
votes
0
answers
23
views
My linux machine forwarding
I have a debian machine (raspberry pi) and I would like to tunnel it (or how is it called) so I can access webservers etc hosted on it without screwing with the router firewall. Do you know of any ...
0
votes
0
answers
36
views
How to create a second GUE tunnel on a different port
How can multiple GUE tunnels be created in the same (default) network namespace with the same remote IP address, but different ports?
So far, I've been successfully able to create exactly one GUE ...
- 101
1
vote
1
answer
139
views
Traffic shaping ineffective on tun device
I am developing a tunnel application that will provide a low-latency, variable bandwidth link. This will be operating in a system that requires traffic prioritization. However, while traffic towards ...
- 111
0
votes
0
answers
80
views
How to save GRE tunnel in my vm?
Well, I created a gre tunnel in virtualbox connecting two linux vms, and it worked very well. But whenever I reboot the vms, the gre simply disappears. Is there any command I can use to save gre? Or, ...
1
vote
0
answers
39
views
Route through ppp0? [duplicate]
read carefully pls..
im connecting to another local network IN (overWAN) using q vpn (openfortivpn) to access that local network.
i can ping the local hosts on that network.. i can scan em with nmap ...
- 19
0
votes
0
answers
103
views
How to setup a DNS with a socat based vpn?
Since socat has the functionality of creating tunnel interfaces and route traffic over UDP, I believe a VPN can be created using this feature.
Server side setup:
sudo socat -d -d TUN:10.0.0.1/24,up ...
- 111
0
votes
0
answers
72
views
Forcing packets through a TUN interface on Mac?
I am wanting to build a toy VPN server/client. This isn't impossible to setup on Linux due to the beautiful iproute2 package and granular routing control. However, on Mac the experience has been ...
- 1
1
vote
0
answers
112
views
Anyone know of a TCP-based tunnel protocol linux will support?
I have a lossy (1%) 10gig link between geographic locations which supports legacy systems that have non-tuneable TCP stacks. They have horrible throughput across the link because their TCP stacks ...
- 21
0
votes
0
answers
31
views
How do I find out what is stopping a sit tunnel routing?
In my town, IPv6 does not exist with any provider. I own 2001:67c:2284::/48 which I announce with Vultr.
I am trying to set up a SIT tunnel to use 2001:67c:2284:1::/64 from my office using nmcli but I'...
1
vote
1
answer
85
views
Check whether a given host can be reached via a given interface (`tun0`, created by OpenVPN)
I have multiple network interfaces on my Linux system. Some physical (eth0 etc), other virtual (tun0 etc, created by OpenVPN).
Is it possible to check whether a given host (IP address) can be reached ...
- 125
1
vote
1
answer
4k
views
Wireguard over TCP tunnel at 443 port, blocked ports bypassing, solution for OpenWRT
I'm facing a problem - I would like to connect many embedded devices with OpenWRT to my Wireguard server, but all the ports except 80, 443 and some others are blocked. Moreover only TCP is allowed in ...
- 11
0
votes
2
answers
61
views
Any way to redirect/tunnel HTTP stream from LAN1 to LAN2 through Raspberry?
I have a usual local (192.168.1.x) network with multiple devices and the router with internet connection.
One of the devices is a Raspberry (192.168.1.2) connected via WiFi. It also connected to the ...
- 1
1
vote
0
answers
113
views
Change tap device gateway
I have vps server, install softether on it , softether use tap device name tap_se with
subnet 192.168.24.0/21 netmask 255.255.248.0 broadcast 192.168.31.259,
clients connect with openvpn or l2tp to ...
- 11
0
votes
1
answer
205
views
why is proxied TCP traffic much faster than routed/VPNed TCP traffic
I have a VPS which can download a file from Server X at 2gbps.
I have a home internet connection which can download a file from the VPS at 1gbps, but from Server X at only 100mbps.
If I use a SOCKS ...
- 1
0
votes
2
answers
2k
views
Check whether SOCKS5 proxy server support UDP
Suppose I have UDP server that listen incoming message on 192.168.43.1:1234 and SOCKS5 proxy server that listen on 192.168.43.2:9999.
How do I check whether SOCKS5 proxy server support UDP when ...
2
votes
1
answer
594
views
How do I get the interface name created with `ip tuntap add mode tap`
I want to create a tap with sudo, and then attach the user space program (ssh) to it.
I don't want to hard code the interface name, as multiple users will be using it, so I want the interface name to ...
- 1,700
1
vote
1
answer
181
views
socat tunnel traffic drops after some time
I have two Linux machines, I want to create a tunnel between them using socat, this is my workaround:
Machine1:
socat -d -d UDP-LISTEN:4711,reuseaddr TUN:10.50.50.1/24,iff-up,iff-broadcast,iff-...
- 11
0
votes
1
answer
1k
views
Route all traffic from one interface (default gateway) through OpenVPN / tun0 - policy based routing, dependent on source address/interface
I have a Debian Linux VPN router myvpnserver with 2 interfaces, eno1 and eno2:
eno1 is connected to a LAN and an internet router. On this interface with static IP address, myvpnserver has its default ...
- 135
1
vote
0
answers
123
views
Configure SuSEfirewall2 in SLES12 SP5 to allow multicast via `sit`
I'm experimenting with multicasts in our Intranet, but it seems the Intranet does not support multicast routing.
Anyway, I set up an IP-IP tunnel (sit1) between two machines in different subnets, and ...
- 1,493
0
votes
0
answers
22
views
Treatment of parameters %h:%p for switch -W in multi hop jumps in ssh
With
ssh -oProxyCommand="ssh -W %h:%p -oProxyCommand=\"ssh -W %%h:%%p -oProxyCommand=\\\"ssh -W %%h:%%p root@jmp1\\\" root@jmp2 \" root@jmp3" root@jmp4
you can do a ...
- 135
1
vote
1
answer
2k
views
Connect to host machine from WSL2
Problem
Can't connect to Windows X Server (VcXsrv) from WSL2 due firewall rules (sometimes it works, but sometimes it doesnt; it's very strange). Changing the firewall rules is not possible.
But any ...
- 133
0
votes
3
answers
106
views
How to determine next available network interface name and ip range?
I am working on an application which can create TUN/TAP interface on host machine. I can create such interfaces using:
sudo ip tuntap add tap0 mode tap
Now the thing is, tap0 is hardcoded here. It ...
- 3,983
0
votes
0
answers
3k
views
ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)
I'm helpless.
I uninstalled openvpn, I did a lot of things but nothing.
1
vote
1
answer
2k
views
What is the use case difference between GRE and GRETAP?
What is the difference use case between GRE nad GRETAP? I understand that GRETAP is layer 2"Ethernet" tunnel.
But when to use GRE and when to use GRETAP? Can you give me specific example for ...
- 21
1
vote
1
answer
817
views
GRE IP to virtual machine (Proxmox) - Traceroute showing full route
88.198.49.xxx = Hetzner (will run virtual machines on this)
141.94.176.xxx = OVH (contains block below)
164.132.xxx.0/28 = IP block to use on Hetzner as virtual machines
To get GRE set up I ran the ...
- 3,033
0
votes
0
answers
2k
views
Permanent SSH tunnel through bastion host
I have the following command that I run locally on my mac to be able to access a DB server trough a bastion host:
ssh -L 9234:MYSERVERIP:5432 USER@MYBASTIONIP -i MyBastionPemKey.pem
that works just ...
- 101
3
votes
1
answer
479
views
Explain routing decision
On my linux server, I have the following routing table:
$ ip ro
default via 172.28.127.254 dev wlp0s20f3 proto dhcp metric 600
10.8.3.0/24 dev tun0 proto kernel scope link src 10.8.3.2
169.254.0.0/...
- 33
0
votes
1
answer
84
views
reverse tunneling
for simplicity ill give my servers name, server-A, server-B
server-A - a simple server with public IP, this server is 1G ram, shared CPU
server-B - a more robust server with more ram, cpu cores etc......
- 115
1
vote
2
answers
4k
views
What is the difference between '0.0.0.0/1' and 'default'?
Crew, please take a look at the routing table below. Incoming ping requests from 172.17.4.x are accepted on dev ens160 and answered via dev tun0.
What is the difference between '0.0.0.0/1' and '...
- 11
0
votes
1
answer
699
views
How to rebuild a broken SSH session automatically from the remote site?
I use Reverse SSH Tunnel behind a Customer-Grade NATed GSM Modem. This sounds terrible but it is fine. I use the following instruction:
ssh -o ServerAliveInterval=60 -f -N -T -R12345:localhost:22 ...
- 66
0
votes
1
answer
602
views
Generic TCP connections over a proxy?
Is there any way to achieve this command:
APPX --listen=127.0.0.1:1111 --socks5=someproxy.com:2222 --connect=server.com:3333
Then, if I connect to 127.0.0.1:1111, it will be as if I connected to ...
- 173
0
votes
0
answers
224
views
ICMP replies captured but not considered by ping
There is a host with a tunnel interface tunint1 with an assigned IP address. When I'm trying to ping via this interface I cannot see any replies but there are ICMP packets (both requests and replies), ...
- 1
1
vote
1
answer
492
views
How to configure a GUE receive tunnel in Linux for IPv6
I am trying to configure a GUE tunnel to receive IPv6 packets that contain GUE encapped IPv4 packets but I am having trouble de-encapsulating the packets. The IPv6 packets have a GUE encapsulated ...
1
vote
1
answer
1k
views
How to configure a transmit GUE tunnel using iproute2 for IPv6
I am trying add a transmit GUE tunnel with GRE as the header using IPV6 addresses in linux like this:
ip -6 link add name gue1 type ip6gre remote $REMOTE_IPV6 local $LOCAL_IPV6 dev eth0 encap gue ...
1
vote
1
answer
570
views
Subnets not ping eachother on strongswa vpn tunnel
AOA, I have two clients one remote and other is local but both on same LAN i.e (192.168.137.0/24), while the UBuntu servers in which strongswan is implemented are connected to each other with ethernet ...
0
votes
0
answers
348
views
How to get and use packets coming to a tunnel interface?
I have created a tunnel interface in Linux and assigned an IP for its local and remote addresses. Then, I have created a route for that interface. I want to get the packets coming to that interface ...
- 101
11
votes
1
answer
11k
views
What is this sit0 device?
I'm setting my computer (running Debian Buster) up for Hurricane Electric's IPv6 tunnel broker. They provide instructions for several configuration methods, but here's for iproute2, which I've been ...
- 885
0
votes
0
answers
39
views
Open VPN packets aren't going through tunnel
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
tls-auth ta.key 0
key-direction 0
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
push &...
- 1
2
votes
1
answer
2k
views
How can I get IPv6 when my ISP doesn't provide it?
I am trying to get IPv6 up and running on my network because I have heard about IPv6 tunnel brokers should be able to help with that.
I don't really understand how it is working, or why I need it, but ...
- 89
1
vote
1
answer
1k
views
Reverse SSH works but not passwordless. Getting password prompt
I have two systems
Personal MacOS Laptop to be referred as system-Laptop having user laptopuser. It does not have "NAT"
Server Linux to be referred as system-Server having user serveruser ...
- 511
0
votes
1
answer
2k
views
Forward network packets from host machine to QEMU image
I have got a locally built Yocto image with me running inside QEMU. I need to forward a single port from the host machine to localhost inside the QEMU image. The TAP connection I am using assigns 192....
- 11
0
votes
0
answers
529
views
How to use ssh with slirp to reach out Internet from a limited jump server?
Sorry that I might be wrong, yet I have some impressions from QEMU that SLIRP has the ability to do both ppp server and NAT stunt the same time.
The situation is, I'm under a very limited network ...
- 1
1
vote
0
answers
233
views
Tunnelling TCP to database (ms-Sql) through corporate proxy
What I know.
I have a ms sql in Internet, let say hostDB:1433
I have a corporate proxy ipProxy:8080
/bin/nc -z -v -w 1 -x ipProxy:8080 -X connect hostDB 1433
Connection to hostDB 1433 port [tcp/ms-...
- 131