Configuring tunnels

You create and configure tunnels at the network interface tunnel level.

To create a tunnel, use the following command:

Admin@nodename# create network interface tunnel

Parameters:

Parameter

Description

enabled

Enable/disable the tunnel:

  • on

  • off

interface-number

Enter a number to include in the tunnel name (for example, if you enter 1 the interface name will be gre1).

description

Tunnel description.

alias

The interface's alias.

node-name

Cluster node where the tunnel is created.

zone

Zone to which the interface belongs.

link-info

Settings for network interface parameters:

  • bc_forwarding: controls forwarding of directed broadcast packets arriving at the specified interface.

  • proxy_arp, proxy_arp_vlan: Proxy ARP mechanism. With proxy_arp, UserGate will respond to ARP requests for addresses outside the interface's network; with proxy_arp_vlan, UserGate will respond to ARP requests for addresses that belong to the interface's network.

To specify them, use the following format:

Admin@nodename# create network interface <iface-type> ... link-info [ key/value ]

where key is the parameter name, which can include lowercase Latin letters (a-z) and underscores (_), and value is the parameter value. Parameter values can only be integers.

For example, use proxy_arp/1 to enable the Proxy ARP mechanism and proxy_arp/0 to disable it.

The link-info field is displayed only when adding parameters.

Important! You cannot delete the specified parameters.

mtu

The MTU size for the selected interface.

ip-addresses

The IP address assigned to the tunnel interface.

The IP addresses are specified as [ <ip_address/mask> ] or [ <ip_address/mask> <ip_address/mask> ]. If several IP addresses are specified (separated by spaces), the subnet mask is entered in decimal format.

Important! Make sure to separate the square brackets with spaces on both sides.

local-ip

The local address of the Point-to-Point interface.

remote-ip

The remote address of the Point-to-Point interface.

mode

The tunnel operation mode:

  • gre: GRE (a network packet tunneling protocol developed by Cisco Systems. Its main purpose is to encapsulate network layer packets into IP packets. The IP protocol number is 47).

  • ipip: IPIP (an IP tunneling protocol that encapsulates one IP packet in another IP packet. Encapsulating one IP packet in another IP packet adds an external header with the Source IP which is the entry point into the tunnel and the Destination IP which is the exit point from the tunnel).

  • vxlan: VXLAN (a tunneling protocol that encapsulates Layer 2 Ethernet frames in UDP packets, port 4789).

vxlan-id

The VXLAN ID. Relevant only for a VXLAN tunnel.
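
The bracketed list syntax described for link-info and ip-addresses can be checked before a command is sent to the device, for example when commands are generated by automation. The following Python sketch is an added example, not UserGate code. The function names are hypothetical, and it assumes that link-info accepts several space-separated key/value pairs inside one pair of brackets, in the same way as ip-addresses.

```python
import ipaddress
import re

# Key: lowercase Latin letters and underscore; value: integer (per the link-info rules).
KEY_VALUE = re.compile(r"([a-z_]+)/(-?\d+)")


def split_bracket_list(arg):
    """Return the items of a '[ a b ]' argument.

    The brackets must be separated by spaces on both sides, so '[a b]' is rejected.
    """
    tokens = arg.split()
    if len(tokens) < 3 or tokens[0] != "[" or tokens[-1] != "]":
        raise ValueError(f"expected '[ item ... ]' with spaces around brackets: {arg!r}")
    return tokens[1:-1]


def parse_link_info(arg):
    """Parse '[ key/value ... ]' into a dict mapping each key to an int."""
    # Assumption: several pairs may share one pair of brackets.
    result = {}
    for item in split_bracket_list(arg):
        match = KEY_VALUE.fullmatch(item)
        if match is None:
            raise ValueError(f"invalid link-info item: {item!r}")
        result[match.group(1)] = int(match.group(2))
    return result


def parse_ip_addresses(arg):
    """Parse '[ <ip_address/mask> ... ]' into a list of ipaddress interface objects."""
    interfaces = []
    for item in split_bracket_list(arg):
        if "/" not in item:
            raise ValueError(f"missing mask in {item!r}")
        # ip_interface accepts a prefix length or a dotted-decimal mask and
        # raises ValueError for a malformed address or mask.
        interfaces.append(ipaddress.ip_interface(item))
    return interfaces


if __name__ == "__main__":
    # Constructed sample arguments.
    print(parse_link_info("[ proxy_arp/1 bc_forwarding/0 ]"))
    print(parse_ip_addresses("[ 10.0.0.1/24 10.0.1.1/255.255.255.0 ]"))
```
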

To edit the parameters of an existing tunnel, use the following command:

Admin@nodename# set network interface tunnel <tunnel-name>

The parameters available for setting are the same as those for creating an interface, except for interface-number and node-name (you cannot change these parameter values).

To delete a tunnel interface or its parameters, use the following command:

Admin@nodename# delete network interface tunnel <tunnel-name>

You can delete the following parameters: ip-addresses.

To display information about all tunnels, use the following command:

Admin@nodename# show network interface tunnel

To display information about a single interface, use the following command:

Admin@nodename# show network interface tunnel <tunnel-name>