LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 04-18-2011, 02:33 PM   #1
swlnx
LQ Newbie
 
Registered: Apr 2011
Posts: 3

Rep: Reputation: 0
ip tunnel


Hi I'm having a strange issue.

I have 2 linux servers in different locations.
I need to setup a ip tunnel. I follow this steps on both servers:

Server1:

ip tunnel add tun0 mode ipip local IP_Server1 remote IP_Server2 dev ethX
ip l s tun0 up
ip a a 10.10.10.1 peer 10.10.10.2 dev tun0

Server2:

ip tunnel add tun0 mode ipip local IP_Server2 remote IP_Server1 dev ethX
ip l s tun0 up
ip a a 10.10.10.2 peer 10.10.10.1 dev tun0

After creating the tunnel everything is ok, but after a time(maybe some hours), I can't ping the other end of the tunnel (ping to IP_Server1 and IP_Server2 is ok all the time; the connection to internet is very reliable). I have tried "ipip" and "gre" mode, but same result.

If I ping from two servers the other end of the tunnel, the connection is again established for some hours and ping is working in both directions.(if I ping only from one side the ping is not working)

How can I resolve this issue for no longer having to log on both servers to ping the other end of the tunnel? If I use an crondjob to ping the other end of the tunnel at 2 hours everything is working fine for weeks, but I need other solution.
 
Old 04-18-2011, 02:50 PM   #2
Thor_2.0
Senior Member
 
Registered: Nov 2007
Location: Somewhere on my hard drive...
Distribution: Manjaro
Posts: 2,203
Blog Entries: 23

Rep: Reputation: 279Reputation: 279Reputation: 279
Hmm, TTL? Can you stretch the TTL?

I came accross this: http://linux-ip.net/gl/ip-tunnels/node5.html - but I guess you've already seen this...

Thor
 
Old 04-18-2011, 03:24 PM   #3
swlnx
LQ Newbie
 
Registered: Apr 2011
Posts: 3

Original Poster
Rep: Reputation: 0
I have modified TTL from inherited to 64 and 255 and the same issue appear.
 
Old 04-18-2011, 09:58 PM   #4
Thor_2.0
Senior Member
 
Registered: Nov 2007
Location: Somewhere on my hard drive...
Distribution: Manjaro
Posts: 2,203
Blog Entries: 23

Rep: Reputation: 279Reputation: 279Reputation: 279
By the way, I think your approach is the right one: pinging to keep the tunnel "alive", see this (perhaps not fully related) article:
http://www.watchguard.com/help/Small...N/configv8.htm

Quote from the article

Quote:
To help keep the VPN tunnel open when there is no communication across it, enter the IP address of a computer at the other end of the tunnel as the echo host. The Firebox® X Edge will send a ping once a minute to the specified host
So, what's better that an occasional ping?

Thor
 
Old 04-19-2011, 05:35 AM   #5
swlnx
LQ Newbie
 
Registered: Apr 2011
Posts: 3

Original Poster
Rep: Reputation: 0
If you or others find any other solution please let me know. Thanks
 
Old 04-19-2011, 10:08 AM   #6
Thor_2.0
Senior Member
 
Registered: Nov 2007
Location: Somewhere on my hard drive...
Distribution: Manjaro
Posts: 2,203
Blog Entries: 23

Rep: Reputation: 279Reputation: 279Reputation: 279
Hmm,

Okay, you may need the TCP keepalive feature - read this http://tldp.org/HOWTO/TCP-Keepalive-HOWTO/overview.html and http://tldp.org/HOWTO/TCP-Keepalive-...keepalive.html to use it...

This thread is in my watch list...

Thor
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Ip tunnel sandeepchiks Linux - Newbie 4 11-14-2008 07:39 AM
Best way to set up tunnel dgermann Linux - Networking 4 07-16-2008 09:55 PM
Anybody knows how to tunnel ip? sovietdoc Linux - Networking 0 06-03-2006 12:55 PM
IP-IP Tunnel rickthemick Linux - Networking 2 11-10-2004 10:49 AM


All times are GMT -5. The time now is 07:00 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration