[Solved] GRE tunnels with RPi 2B

qbdwlr0 · September 5, 2018, 4:58pm

I have not dealt with GRE tunnels previously so I am not sure where the issue is. I would appreciate a sanity check on my configuration.

I am running an OpenWRT image that I built myself from a recent snapshot (r7878-d1ea8ac). I am running this image on a RPi 2B that has a Realtek 8152 as eth1 device in addition to the native eth0 device. The eth0 device is configured for static IP to a public (mgmt) network, while I am attempting to configure the GRE tunnel over eth1 device on a private (test) network. I have verified that the gre and kmod-gre packages are installed, as I can see them in the output of "opkg list-installed"

I have the following in /etc/config/network:

 config interface 'mgmt'
	option ifname 'eth0'
	option proto 'static'
	option ipaddr '10.9.162.25'
	option netmask '255.255.255.0'
	option ip6assign '60'

config route 'mgmt-net'
        option interface 'eth0'
        option target '10.9.162.0'
        option netmask '255.255.255.0'
        option gateway '10.9.162.1'

config interface 'test'
	option ifname 'eth1'
	option proto 'static'
	option ipaddr '30.1.0.100'
	option netmask '255.255.255.0'
	option ipv6 '0'

config interface 'test-gre'
        option proto 'gre'
        option peeraddr '30.1.0.1'

config interface 'test-client'
        option proto 'static'
        option ifname '@test-gre'
        option ipaddr '100.0.0.100'
        option netmask '255.255.255.0'

The mgmt* interfaces work fine, but the test* interfaces do not appear in ifconfig output. If I remove test-gre and test-client stanzas, then eth1 will appear in ifconfig and I can ping the gateway on the private network, but I cannot get the GRE portion to work.
I am on a steep learning curve here, so I appreciate your patience if I am doing something totally boneheaded.

jeff · September 5, 2018, 5:16pm

Just a guess, but you may be hitting the 15-character limit on interface names in the Linux kernel.

test-client in config gets "helpfully munged" into something like gre4t-test-client which is 17 characters, and silently fails. (I don't have notes on the exact prefix used in front of me right now.)

If you're going to be using .VLAN notation, as I recall from working with GRE Layer 2 tunnels, I only had four characters to work with for the UCI name; abcd.VLAN Edit: This suggests a 6-character prefix, above paragraph edited.

Here's my previously running config for a Layer 2 GRE tunnel:

config interface 'gt99'
        option proto 'gretap'
        option ipaddr '<my local address to connect from>'
        option peeraddr '<the remote address to connect to>'
        option force_link '1'

Edit: I'm also not sure how Linux handles IP aliases on a tunnel interface, or what that "really means" for packet flow and routing.

qbdwlr0 · September 5, 2018, 6:07pm

Well, I renamed 'test-gre' -> 'g30' and 'test-client' -> 'g30c', then everything magically started working!

Is there a way to turn on some verbosity to the configuration parsing in case I hit something like this in the future?

Also, the example provided in the documentation is misleading since it uses the interface names 'mytunnel' and 'mytunnel_addr' which are the same (or greater) length as the names I was using: https://openwrt.org/docs/guide-user/network/tunneling_interface_protocols#static_addressing_of_a_gre_tunnel

jeff · September 5, 2018, 6:44pm

I'm not aware of error trapping in the scripts.

I updated the page with a warning box at the top based on your comments and experience.

I also re-edited the page on /etc/config/network to make the section around interface-name length more obvious.

system · September 15, 2018, 6:44pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.