From owner-svn-src-all@FreeBSD.ORG Sat Jun 6 13:39:21 2015 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C868DC5E; Sat, 6 Jun 2015 13:39:21 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9CA781FB2; Sat, 6 Jun 2015 13:39:21 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t56DdLGJ047039; Sat, 6 Jun 2015 13:39:21 GMT (envelope-from ae@FreeBSD.org) Received: (from ae@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t56DdL1C047038; Sat, 6 Jun 2015 13:39:21 GMT (envelope-from ae@FreeBSD.org) Message-Id: <201506061339.t56DdL1C047038@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: ae set sender to ae@FreeBSD.org using -f From: "Andrey V. Elsukov" Date: Sat, 6 Jun 2015 13:39:21 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r284075 - stable/10/share/man/man4 X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Jun 2015 13:39:21 -0000 Author: ae Date: Sat Jun 6 13:39:20 2015 New Revision: 284075 URL: https://svnweb.freebsd.org/changeset/base/284075 Log: MFC r283897: Add example how to configure gre(4) tunnel with the same inner and outer addresses using multiple FIBs. Modified: stable/10/share/man/man4/gre.4 Directory Properties: stable/10/ (props changed) Modified: stable/10/share/man/man4/gre.4 ============================================================================== --- stable/10/share/man/man4/gre.4 Sat Jun 6 13:37:11 2015 (r284074) +++ stable/10/share/man/man4/gre.4 Sat Jun 6 13:39:20 2015 (r284075) @@ -29,7 +29,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 7, 2014 +.Dd June 2, 2015 .Dt GRE 4 .Os .Sh NAME @@ -118,6 +118,44 @@ ifconfig greN inet 192.168.2.1 192.168.1 ifconfig greN inet tunnel B A route add -net 192.168.1 -netmask 255.255.255.0 192.168.1.1 .Ed +.Pp +In case when internal and external IP addresses are the same, +different routing tables (FIB) should be used. +The default FIB will be applied to IP packets before GRE encapsulation. +After encapsulation GRE interface should set different FIB number to +outgoing packet. +Then different FIB will be applied to such encapsulated packets. +According to this FIB packet should be routed to tunnel endpoint. +.Bd -literal +Host X -- Host A (198.51.100.1) ---tunnel--- Cisco D (203.0.113.1) -- Host E + \\ / + \\ / + +----- Host B ----- Host C -----+ + (198.51.100.254) +.Ed +.Pp +On Host A (FreeBSD): +.Pp +First of multiple FIBs should be configured via loader.conf: +.Bd -literal -offset indent +net.fibs=2 +net.add_addr_allfibs=0 +.Ed +.Pp +Then routes to the gateway and remote tunnel endpoint via this gateway +should be added to the second FIB: +.Bd -literal -offset indent +route add -net 198.51.100.0 -netmask 255.255.255.0 -fib 1 -iface em0 +route add -host 203.0.113.1 -fib 1 198.51.100.254 +.Ed +.Pp +And GRE tunnel should be configured to change FIB for encapsulated packets: +.Bd -literal -offset indent +ifconfig greN create +ifconfig greN inet 198.51.100.1 203.0.113.1 +ifconfig greN inet tunnel 198.51.100.1 203.0.113.1 tunnelfib 1 +.Ed +.Pp .Sh NOTES The MTU of .Nm