LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 02-10-2013, 10:02 PM   #1
Skaperen
Senior Member
 
Registered: May 2009
Location: WV, USA
Distribution: Slackware, CentOS, Ubuntu, Fedora, Timesys, Linux From Scratch
Posts: 1,777
Blog Entries: 20

Rep: Reputation: 115Reputation: 115
Looking for a tunneling/encapsulation protocol


I am looking for a tunneling/encapsulation protocol that can carry IP packets (v4 or v6) over IP or a higher protocol like UDP. I prefer a non-negotiated one, where if the configuration exists correctly on each end, it works, and if not, packets are just thrown away (keep it simple).
 
Old 02-10-2013, 11:52 PM   #2
jnihil
Member
 
Registered: Dec 2012
Distribution: Debian, Xubuntu, Gentoo, CentOS, Bhodi
Posts: 47

Rep: Reputation: 2
GRE

How about GRE? Supports tunneling of both IPv4/IPv6, uses IPv4/UDP for the tunnel transport across the Internet, and the config looks quite painless:

http://www.linuxfoundation.org/colla...king/tunneling
 
Old 02-11-2013, 01:00 AM   #3
Skaperen
Senior Member
 
Registered: May 2009
Location: WV, USA
Distribution: Slackware, CentOS, Ubuntu, Fedora, Timesys, Linux From Scratch
Posts: 1,777
Blog Entries: 20

Original Poster
Rep: Reputation: 115Reputation: 115
Why would it be limited to just IPv4 as the protocol it gets transported in?

GRE fields have issues. Ultimately, none of them are really needed for an encapsulation protocol that only encapsulates IP (up to IPv15). We can be rid of the protocol type if only IP is being encapsulated as part of the definition of the protocol. Encapsulation of IP does not need a checksum field since IPv4 and IPv6 checksum their headers, and their underlying protocols (UDP, TCP, SCTP, etc) take care of the rest. Without a checksum, we don't need a checksum bit. So that ends up with a protocol that is nothing more than a version. So then it doesn't even need a version since it is nothing.

Just define an IP protocol (like GRE uses 47), and/or a port number (that can be used in UDP, TCP, and SCTP) for "vanilla encapsulation" where the IPvX packet is the payload. This is apparently what IP in IP is (RFC 2003 and some talk about it in RFC 3168 that might be of interest). And as far as I can see, IPsec, despite lots of talk about how tunnel mode works, appears to be just IP in IP where the payload will be encrypted.

But IPsec would do tunnel mode with the end points doing BOTH the encapsulation and the encryption. I am wanting this functionality separated, so that IPsec encryption can be done separate from the tunnel encapsulation (which will be routed via the outer layer IPv{4,6} header through the IPsec rputer).
 
Old 02-11-2013, 01:09 AM   #4
jnihil
Member
 
Registered: Dec 2012
Distribution: Debian, Xubuntu, Gentoo, CentOS, Bhodi
Posts: 47

Rep: Reputation: 2
Quote:
Originally Posted by Skaperen View Post
Why would it be limited to just IPv4 as the protocol it gets transported in?
Just an example since most ISPs I know of are using IPv4.
 
Old 02-11-2013, 06:25 PM   #5
Skaperen
Senior Member
 
Registered: May 2009
Location: WV, USA
Distribution: Slackware, CentOS, Ubuntu, Fedora, Timesys, Linux From Scratch
Posts: 1,777
Blog Entries: 20

Original Poster
Rep: Reputation: 115Reputation: 115
Quote:
Originally Posted by jnihil View Post
Just an example since most ISPs I know of are using IPv4.
I think any encapsulation protocol should be made to work, by definition, in both IPv4 and IPv6. That should be especially so, without any new effort, for protocol that has its own IP protocol number, or works under an existing transport protocol like TCP, UDP, or SCTP. A single ONE universal IP encapsulation protocol within IP should exist with non-specific functionality for both v4 and v6. IOW, it should just work in v4 or v6, and encapsulate either v4 or v6, with no particular effort for either.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
HTTP Tunneling or VPN Tunneling Teomari Linux - Networking 3 04-09-2007 07:52 PM
incoming tunneling or tunneling via a 3rd party? JustinHoMi Linux - Networking 1 04-15-2005 01:57 PM
Tunneling using the ping protocol Wynand1 Linux - Security 2 04-13-2004 01:54 PM
ADSL encapsulation/modulation methods MadCactus Linux - Networking 3 07-23-2003 10:25 PM
Encapsulation mikeshn Programming 5 03-17-2002 11:57 PM


All times are GMT -5. The time now is 12:35 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration