From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id BC3EE138202 for ; Thu, 5 Sep 2013 14:50:08 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 33416E0F68; Thu, 5 Sep 2013 14:50:03 +0000 (UTC) Received: from uberouter3.guranga.net (unknown [78.25.223.226]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 36BDAE0F39 for ; Thu, 5 Sep 2013 14:50:02 +0000 (UTC) Received: from [192.168.18.35] (46-65-179-123.zone16.bethere.co.uk [46.65.179.123]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by uberouter3.guranga.net (Postfix) with ESMTPSA id A6F9C8232D for ; Thu, 5 Sep 2013 15:50:00 +0100 (BST) Message-ID: <52289A13.6010403@thegeezer.net> Date: Thu, 05 Sep 2013 15:49:55 +0100 From: thegeezer User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130804 Thunderbird/17.0.8 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: [gentoo-user] GRE link state detection Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: fe5bd5b8-fac8-4b25-a924-a616b2a5db36 X-Archives-Hash: 9616b3be3ef2b4821d9d68d2b0b4f307 Howdy all, i was wondering if anyone has any idea if there is a means by which i can detect GRE link state ? what i have is two sites each with two very unstable internet links in order to vpn between them i have ipsec tunnels linking each side twice (four ipsec tunnels in total) i then have 4x GRE tunnels over the top of those in order that i have a secured routable VPN this gives me net.vpn0 net.vpn1 net.vpn2 and net.vpn3 finally i run BIRD over the top which works very well, and synchronises routing tables between the two sites, and allows for me to do such fun as # /etc/init.d/net.vpn0 stop and watch all traffic automagically cut over to another link. so far so awesome. however, as i said the internet links are very unstable, and sometimes just blackhole. so what i was hoping to do is just enable keepalives on the gre tunnel. which sadly seems to be cisco only. can anyone suggest a way of detecting if the GRE is not fully connected ? BIRD only fails over if the net.vpn0 device is down (ifconfig up/down) and for the life of me i cannot find how to detect if a GRE tunnel is 'connected', it seems to just blindly send packets to the remote IP. is my only choice to use L2TP instead ? thanks in advance for any suggestions; if anyone would like the configs in order to set this up let me know and i'll reply to list with a mini-howto PS if i'm on the wrong list i'd welcome a friendly push to the correct list