I'm trying to get Linux bonding working over a VPN (GRE-TAP). The funny thing is, that it only works when I have tcpdump running on both hosts, but more on that later.

There are two machines, called pxn1 and pxn2. They are connected together using a simple switch via eth1. To get a secure connection, all IP traffic is encrypted using IPsec. This works, I can ping between the two machines without any problem and tcpdump shows only encrypted packets.

GRE-TAP

A GRE-TAP (tunnels Ethernet frames over IP) interface is then set up in both directions, because I will need a virtual network interface later on:

    ip link add vpn_gre_pxn2 type gretap local 10.1.1.197 remote 10.1.1.199 dev eth1

Ifconfig shows:

    vpn_gre_pxn2 Link encap:Ethernet HWaddr 1a:73:32:7f:36:5f
              UP BROADCAST RUNNING MULTICAST MTU:1462 Metric:1
              RX packets:19 errors:0 dropped:0 overruns:0 frame:0
              TX packets:26 errors:0 dropped:0 overruns:0 carrier:0

On the other host the same interface is set up in the other direction.

Bridge

A bridge is set up that currently uses only the GRE-TAP device. I need the bridge because later on I want to add more machines (my plan is to bridge all GRE tunnels together). The end result should become a VPN mesh network (with a dedicated GRE-TAP interface for each host-host combination). But since for now I'm just doing a first test with two machines, the bridge is of course somewhat useless, but nonetheless important for the test itself.

The bridge works because when I activate the vpn_br interface and set up some IP addresses (just for testing the bridge), ICMP PINGs work perfectly.

              UP BROADCAST RUNNING SLAVE MULTICAST MTU:1462 Metric:1
              RX packets:11 errors:0 dropped:0 overruns:0 frame:0
              TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
              RX bytes:448 (448.0 B) TX bytes:468 (468.0 B)

A Linux Bonding interface is now set up. Again, since this is just a first proof of concept test, I'll only add a single slave to the bond. Later on there will also be a real separate Gbit NIC with a dedicated switch that will act as the primary slave (with the VPN being just a backup), but for now the bonding interface will use the VPN only.

    ifconfig bond0 hw ether 02:00:0a:01:01:c5 # some dummy MAC