[gentoo-user] Howto setup tunnel in gentoo scripts

[gentoo-user] Howto setup tunnel in gentoo scripts

[Norbert Kamenicky]

Hi everybody,

to establish gre tunnel, these commands have to be run:
(e.g. from local.start)

# ip tunnel add vpn0 mode gre remote 1.1.1.1 local 2.2.2.2 dev eth0
# ip addr add 3.3.3.3 dev vpn0
# ip link set vpn0 mtu 1420 up

Does anybody know, how to put it into /etc/conf.d/net ?
I didn't succeed yet, 'cause I found no clear doc.

Tanks in advance

noro
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Howto setup tunnel in gentoo scripts

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 1091 bytes --]

On Tue, 30 May 2006 22:29:02 +0200, Norbert Kamenicky wrote:

> to establish gre tunnel, these commands have to be run:
> (e.g. from local.start)
> 
> # ip tunnel add vpn0 mode gre remote 1.1.1.1 local 2.2.2.2 dev eth0
> # ip addr add 3.3.3.3 dev vpn0
> # ip link set vpn0 mtu 1420 up
> 
> Does anybody know, how to put it into /etc/conf.d/net ?
> I didn't succeed yet, 'cause I found no clear doc.

I take it you want these run when the interface comes up? If so, put them
in the postup() function in /etc/conf.d/net. Something like

postup() {
	if [ ${IFACE} == "eth0" ]; then
		ip tunnel add vpn0 mode gre remote 1.1.1.1 local 2.2.2.2 dev eth0
		ip addr add 3.3.3.3 dev vpn0
		ip link set vpn0 mtu 1420 up
		fi
	}

You may need to put the shutdown commands in predown().

See /etc/conf.d/net.example for more info. I use ~arch, so I don't know
for sure how much of this works in the current stable baselayout, but
I've been using these functions for over a year, so I guess it's in
stable by now.


-- 
Neil Bothwick

No maintenance: Impossible to fix.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-user] Howto setup tunnel in gentoo scripts

[Norbert Kamenicky]

Neil Bothwick wrote:
> On Tue, 30 May 2006 22:29:02 +0200, Norbert Kamenicky wrote:
> 
> 
>>to establish gre tunnel, these commands have to be run:
>>(e.g. from local.start)
>>
>># ip tunnel add vpn0 mode gre remote 1.1.1.1 local 2.2.2.2 dev eth0
>># ip addr add 3.3.3.3 dev vpn0
>># ip link set vpn0 mtu 1420 up
>>
>>Does anybody know, how to put it into /etc/conf.d/net ?
>>I didn't succeed yet, 'cause I found no clear doc.
> 
> 
> I take it you want these run when the interface comes up? If so, put them
> in the postup() function in /etc/conf.d/net. Something like
> 
> postup() {
> 	if [ ${IFACE} == "eth0" ]; then
> 		ip tunnel add vpn0 mode gre remote 1.1.1.1 local 2.2.2.2 dev eth0
> 		ip addr add 3.3.3.3 dev vpn0
> 		ip link set vpn0 mtu 1420 up
> 		fi
> 	}
> 
> You may need to put the shutdown commands in predown().
> 
> See /etc/conf.d/net.example for more info. I use ~arch, so I don't know
> for sure how much of this works in the current stable baselayout, but
> I've been using these functions for over a year, so I guess it's in
> stable by now.
> 

Hi Neil,

thanks for the reply ... yes, I want to start it, if eth0 goes up.

Ok, it will probably work (not tested yet), but ...
it's not a big difference if it is in local.start,
postup() function or some another script.)

I feel that's not the right way how it should be done.

This is probably a bit closer to rc-script author idea:

modules=( "iptunnel" )   # no info about it in net.example
iptunnel_vpn0=( "mode gre remote 1.1.1.1 local 2.2.2.2 dev eth0"  )
config_vpn0=( "3.3.3.3" )

postup(){
	[ ${IFACE} == "vpn0" ] && ip link set vpn0 mtu 1420 up
}



Next I like to add this route:

ip route add 4.4.4.0/24 dev vpn0

which IMO should be possible to write as:

routes_vpn0=( "4.4.4.0/24" )

but it fails with "[!!]" error, which tells me exactly nothing

Any idea ?

noro










-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Howto setup tunnel in gentoo scripts

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 893 bytes --]

On Wed, 31 May 2006 00:27:59 +0200, Norbert Kamenicky wrote:

> Ok, it will probably work (not tested yet), but ...
> it's not a big difference if it is in local.start,
> postup() function or some another script.)

There is one big difference. Running it from postup() means it is started
immediately after the interface is brought up. Put it in local.start and
it will try to run even if the interface is down or the cable unplugged.

> I feel that's not the right way how it should be done.

Why not? Those scripts are there for exactly this sort of thing, running
commands dependent on the change of status of a network interface.

The alternative would be to write your own rc-script with a depend on
net.eth0. Unless you are already fluent in writing init scripts for
runscript, this would be a lot more work.


-- 
Neil Bothwick

Oxymoron: Clearly Misunderstood.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

[gentoo-user] Re: [OT] Howto setup tunnel in gentoo scripts

[Norbert Kamenicky]

Hi Neil,

1. I doesn't mind rc-scripts at all and do not like to write them from scratch
2. Do you start eth0 from  postup() ?
   No ? So why should be tunneling interface started from there ?
3. I solved it, i.e. I showed you how it should be done.
   (At least I hope this is the way, as the author of rc-script expected to be done.)
4. forget it please...

noro




-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: [OT] Howto setup tunnel in gentoo scripts

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 470 bytes --]

On Thu, 01 Jun 2006 00:40:11 +0200, Norbert Kamenicky wrote:

> 2. Do you start eth0 from  postup() ?

Of course not, it's for commands that need to be run after eth0 is up

>    No ? So why should be tunneling interface started from there ?

Are you making net.vpn0 a symlink to net.lo, as with net.eth0? If so,
what happens if you do /etc/init.d/net.vpn0 start and eth0 is not running?


-- 
Neil Bothwick

Are you using Windows or is that just an XT?

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-user] Re: [OT] Howto setup tunnel in gentoo scripts

[Norbert Kamenicky]

Neil Bothwick wrote:
> 
> Are you making net.vpn0 a symlink to net.lo, as with net.eth0? If so,
> what happens if you do /etc/init.d/net.vpn0 start and eth0 is not running?
> 

Of course I did ... and it simply works, except of route setup for vpn0
(see my first reply)

noro





-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Re: [OT] Howto setup tunnel in gentoo scripts

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 598 bytes --]

On Thu, 01 Jun 2006 19:17:43 +0200, Norbert Kamenicky wrote:

> > Are you making net.vpn0 a symlink to net.lo, as with net.eth0? If so,
> > what happens if you do /etc/init.d/net.vpn0 start and eth0 is not
> > running?

> Of course I did ... and it simply works, except of route setup for vpn0
> (see my first reply)

I don't understand what you were asking for if it already works, apart
from the routing which could be fixed with a net function.

How does it deal with my second question above?


-- 
Neil Bothwick

The three Rs of Microsoft support: Retry, Reboot, Reinstall.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 189 bytes --]