hapylestat · June 9, 2016 18:55
diff --git a/GRE Tunnel for anybody b/GRE Tunnel for anybody
 Requirements:
 - nmcli (Network Manager)
 - iptables

 Server 1 external ip: 1.1.1.1
 Server 2 external ip: 2.2.2.2

 GRE IFNAME: gre1

 Server 1 gre:
 ip 10.10.1.1
 net 10.10.1.0/24
 
 Server 2 gre:
 ip 10.10.2.1
 net 10.10.2.0/24

 Way 1: NMCLI  (RHEL, Fedora)
 ===============================

 Server 1:
 nmcli conn add type ip-tunnel ifname gre1 mode gre remote 2.2.2.2 local 1.1.1.1 -- ip-tunnel.mtu 1500 ip-tunnel.ttl 255 ipv4.method manual ipv4.addresses 10.10.1.1 ipv4.routes "10.10.2.0/24"

 Server 2:
 nmcli conn add type ip-tunnel ifname gre1 mode gre remote 1.1.1.1 local 2.2.2.2 -- ip-tunnel.mtu 1500 ip-tunnel.ttl 255 ipv4.method manual ipv4.addresses 10.10.2.1 ipv4.routes "10.10.1.0/24"

 Firewall (iptables):
 *filter
 -A INPUT -p gre -s 2.2.2.2|1.1.1.1 -j ACCEPT
 -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu


 Way 2. For Ubuntu losers (except 16.04+):
 =======================================
 Server 1:

 #!/bin/bash

 DEV=gre1
 LOCAL=1.1.1.1
 REMOTE=2.2.2.2
 IP=10.10.1.1
 NET=10.10.2.0


 up(){
 ip tunnel add $DEV mode gre remote $REMOTE local $LOCAL ttl 255
 ip link set $DEV up
 ip addr add $IP dev $DEV
 ip route add $NET/24 dev $DEV
 }


 down(){
 ip link set $DEV down
 ip tunnel del $DEV
 }




 case "$1" in
 up)
  up
  ;;
 down)
  down
  ;;
 *)
  echo "gre [up|down]"
  ;;
 esac


 Server 2:

 #!/bin/bash

 DEV=gre1
 LOCAL=2.2.2.2
 REMOTE=1.1.1.1
 IP=10.10.2.1
 NET=10.10.1.0


 up(){
 ip tunnel add $DEV mode gre remote $REMOTE local $LOCAL ttl 255
 ip link set $DEV up
 ip addr add $IP dev $DEV
 ip route add $NET/24 dev $DEV
 }


 down(){
 ip link set $DEV down
 ip tunnel del $DEV
 }




 case "$1" in
 up)
  up
  ;;
 down)
  down
  ;;
 *)
  echo "gre [up|down]"
  ;;
 esac
	Requirements:
	- nmcli (Network Manager)
	- iptables

	Server 1 external ip: 1.1.1.1
	Server 2 external ip: 2.2.2.2

	GRE IFNAME: gre1

	Server 1 gre:
	ip 10.10.1.1
	net 10.10.1.0/24

	Server 2 gre:
	ip 10.10.2.1
	net 10.10.2.0/24

	Way 1: NMCLI (RHEL, Fedora)
	===============================

	Server 1:
	nmcli conn add type ip-tunnel ifname gre1 mode gre remote 2.2.2.2 local 1.1.1.1 -- ip-tunnel.mtu 1500 ip-tunnel.ttl 255 ipv4.method manual ipv4.addresses 10.10.1.1 ipv4.routes "10.10.2.0/24"

	Server 2:
	nmcli conn add type ip-tunnel ifname gre1 mode gre remote 1.1.1.1 local 2.2.2.2 -- ip-tunnel.mtu 1500 ip-tunnel.ttl 255 ipv4.method manual ipv4.addresses 10.10.2.1 ipv4.routes "10.10.1.0/24"

	Firewall (iptables):
	*filter
	-A INPUT -p gre -s 2.2.2.2\|1.1.1.1 -j ACCEPT
	-A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu


	Way 2. For Ubuntu losers (except 16.04+):
	=======================================
	Server 1:

	#!/bin/bash

	DEV=gre1
	LOCAL=1.1.1.1
	REMOTE=2.2.2.2
	IP=10.10.1.1
	NET=10.10.2.0


	up(){
	ip tunnel add $DEV mode gre remote $REMOTE local $LOCAL ttl 255
	ip link set $DEV up
	ip addr add $IP dev $DEV
	ip route add $NET/24 dev $DEV
	}


	down(){
	ip link set $DEV down
	ip tunnel del $DEV
	}




	case "$1" in
	up)
	up
	;;
	down)
	down
	;;
	*)
	echo "gre [up\|down]"
	;;
	esac


	Server 2:

	#!/bin/bash

	DEV=gre1
	LOCAL=2.2.2.2
	REMOTE=1.1.1.1
	IP=10.10.2.1
	NET=10.10.1.0


	up(){
	ip tunnel add $DEV mode gre remote $REMOTE local $LOCAL ttl 255
	ip link set $DEV up
	ip addr add $IP dev $DEV
	ip route add $NET/24 dev $DEV
	}


	down(){
	ip link set $DEV down
	ip tunnel del $DEV
	}




	case "$1" in
	up)
	up
	;;
	down)
	down
	;;
	*)
	echo "gre [up\|down]"
	;;
	esac