gretap tunnel doesnt work
dra9ula opened this issue · comments
Hey guys,
I am running latest ubuntu docker image, ifupdown-ng 0.11.3 and I am trying to setup a gretap tunnel using following config
auto gretap1
iface gretap1
tunnel-mode gretap
tunnel-remote 1.1.1.1
tunnel-local 2.2.2.2
tunnel-physdev wg1
tunnel-pmtudisc 0
address 2.2.2.2/24
but when doing ifup -afv
I get the following error
+ eval ip -4 link add gretap1 type gretap dev 'wg1' local '2.2.2.2' mode 'gretap' remote '1.1.1.1' nopmtudisc
+ ip -4 link add gretap1 type gretap dev wg1 local 2.2.2.2 mode gretap remote 1.1.1.1 nopmtudisc
Usage: ... gretap [ remote ADDR ]
[ local ADDR ]
[ [no][i|o]seq ]
[ [i|o]key KEY | no[i|o]key ]
[ [no][i|o]csum ]
[ ttl TTL ]
[ tos TOS ]
[ [no]pmtudisc ]
[ [no]ignore-df ]
[ dev PHYS_DEV ]
[ fwmark MARK ]
[ external ]
[ noencap ]
[ encap { fou | gue | none } ]
[ encap-sport PORT ]
[ encap-dport PORT ]
[ [no]encap-csum ]
[ [no]encap-csum6 ]
[ [no]encap-remcsum ]
Where: ADDR := { IP_ADDRESS | any }
TOS := { NUMBER | inherit }
TTL := { 1..255 | inherit }
KEY := { DOTTED_QUAD | NUMBER }
MARK := { 0x0..0xffffffff }
this is because the evaluated command contains both type gretap
aswell as mode gretap
, of which latter is not expected. Seems that it was fixed in #143, but then broken again in #147 due to not unseting IF_TUNNEL_MODE in case of gretap mode. I am not sure why it was done like this, could you have a look?
/Piotr
unset IF_TUNNEL_MODE
should be run always, therefore moved under the case/esac?
Hello,
Sorry for unrelated question, but are you trying to run GRE tunnel over WireGuard?
jepp, I do ;)
Hi @dra9ula,
I think there is an issue in the tunnel executor. If somebody will promote me as a maintainer to this project I can take over the issue and try to fix the bug.
I already pushed a lot of bug fixes and added new features like Teaming and VRRP but the project owners seems that are not moving at all! The only one who still tries to push the bug fixes is @Neustradamus
I already started my fork and I'm trying to push some bug fixes and the new features into my main.
@EasyNetDev: I have no rights in this organization...
Maybe @kaniini, can add you and me in the project.
I think there is also problem with the logic how tunnel-ignore-df and tunnel-pmtudisc are handled. Like they can't be used together. This changes made it work for me:
--- tunnel.orig 2024-02-08 14:47:11.943046578 +0100
+++ tunnel 2024-02-08 14:51:43.818019389 +0100
@@ -12,8 +12,8 @@
yesno() {
case "$1" in
- yes|1) echo 1 ;;
- *) echo 0 ;;
+ [Yy]|[Yy][Ee][Ss]|1) return 0 ;;
+ *) return 1 ;;
esac
}
@@ -81,20 +81,20 @@
# Handle boolean switches
MORE_PARAMS=""
if [ "${IF_TUNNEL_IGNORE_DF}" ]; then
- if $(yesno "${IF_TUNNEL_IGNORE_DF}"); then
- MORE_PARAMS="ignore-df"
+ if yesno "${IF_TUNNEL_IGNORE_DF}"; then
+ MORE_PARAMS="${MORE_PARAMS}${MORE_PARAMS:+ }ignore-df"
else
- MORE_PARAMS="noignore-df"
+ MORE_PARAMS="${MORE_PARAMS}${MORE_PARAMS:+ }noignore-df"
fi
unset IF_TUNNEL_IGNORE_DF
fi
if [ "${IF_TUNNEL_PMTUDISC}" ]; then
- if $(yesno "${IF_TUNNEL_PMTUDISC}"); then
- MORE_PARAMS="pmtudisc"
+ if yesno "${IF_TUNNEL_PMTUDISC}"; then
+ MORE_PARAMS="${MORE_PARAMS}${MORE_PARAMS:+ }pmtudisc"
else
- MORE_PARAMS="nopmtudisc"
+ MORE_PARAMS="${MORE_PARAMS}${MORE_PARAMS:+ }nopmtudisc"
fi
unset IF_TUNNEL_PMTUDISC