Hi all,
I'm wondering if anyone can help with the NHRP configuration?
I have read through the documentation and can't figure out how exactly it's supposed to be configured.
And on the spoke, I get this from tcpdump "ICMP 192.168.23.193 protocol 47 port 8193 unreachable, length 124".
It looks like IP protocol 47 (GRE) is not listening on hub, which means it's not configured right I guess....
Any help is appreciated.
My topology has got one hub and one spoke.
The hub:
eth0 IP: 192.168.23.193
gre1 IP: 192.168.34.1
The spoke:
eth0 IP: 192.68.23.203
gre1 IP: 192.168.34.3
My current configs:
The hub:
===CentOS===
ip tunnel add gre1 mode gre key 42 ttl 64
ip addr add 192.168.34.1/32 dev gre1
ip link set gre1 up
iptables -A FORWARD -i gre1 -o gre1 \
-m hashlimit --hashlimit-upto 4/minute --hashlimit-burst 1 \
--hashlimit-mode srcip,dstip --hashlimit-srcmask 16 --hashlimit-dstmask 16 \
--hashlimit-name loglimit-0 -j NFLOG --nflog-group 1 --nflog-range 128
===nhrpd===
nhrp nflog-group 1
!
debug nhrp all
!
interface gre1
ip nhrp network-id 1
ip nhrp nhs dynamic nbma 192.168.23.193
ip nhrp redirect
ip nhrp registration no-unique
ip nhrp shortcut
no link-detect
tunnel source eth0
The spoke:
===CentOS===
ip tunnel add gre1 mode gre remote 192.168.23.193 local 192.168.23.203 ttl 255 key 42
ip link set gre1 up
ip addr add 192.168.34.3 peer 192.168.34.1 dev gre1
===nhrpd===
debug nhrp all
!
interface gre1
ip nhrp network-id 1
ip nhrp nhs dynamic nbma 192.168.23.193
ip nhrp registration no-unique
ip nhrp shortcut
no link-detect
tunnel source eth0
!
Regards,
Terry
I'm wondering if anyone can help with the NHRP configuration?
I have read through the documentation and can't figure out how exactly it's supposed to be configured.
And on the spoke, I get this from tcpdump "ICMP 192.168.23.193 protocol 47 port 8193 unreachable, length 124".
It looks like IP protocol 47 (GRE) is not listening on hub, which means it's not configured right I guess....
Any help is appreciated.
My topology has got one hub and one spoke.
The hub:
eth0 IP: 192.168.23.193
gre1 IP: 192.168.34.1
The spoke:
eth0 IP: 192.68.23.203
gre1 IP: 192.168.34.3
My current configs:
The hub:
===CentOS===
ip tunnel add gre1 mode gre key 42 ttl 64
ip addr add 192.168.34.1/32 dev gre1
ip link set gre1 up
iptables -A FORWARD -i gre1 -o gre1 \
-m hashlimit --hashlimit-upto 4/minute --hashlimit-burst 1 \
--hashlimit-mode srcip,dstip --hashlimit-srcmask 16 --hashlimit-dstmask 16 \
--hashlimit-name loglimit-0 -j NFLOG --nflog-group 1 --nflog-range 128
===nhrpd===
nhrp nflog-group 1
!
debug nhrp all
!
interface gre1
ip nhrp network-id 1
ip nhrp nhs dynamic nbma 192.168.23.193
ip nhrp redirect
ip nhrp registration no-unique
ip nhrp shortcut
no link-detect
tunnel source eth0
The spoke:
===CentOS===
ip tunnel add gre1 mode gre remote 192.168.23.193 local 192.168.23.203 ttl 255 key 42
ip link set gre1 up
ip addr add 192.168.34.3 peer 192.168.34.1 dev gre1
===nhrpd===
debug nhrp all
!
interface gre1
ip nhrp network-id 1
ip nhrp nhs dynamic nbma 192.168.23.193
ip nhrp registration no-unique
ip nhrp shortcut
no link-detect
tunnel source eth0
!
Regards,
Terry