Cannot Delete GRE Tunnel

Question

I am configuring a GRE tunnel in Linux 2.6.26 and I've been facing a very strange problem for which I could not find any solution.

I have created a GRE tunnel called gre0, but no matter what I do, I am simply unable to delete this tunnel. The command ip tunnel del gre0 fails with the response ioctl: Operation not permitted. Any attempt to change the addresses of the tunnel also fails.

The following commands illustrate the problem:

# ip tunnel del gre0
ioctl: Operation not permitted
# ip tunnel change gre0
# ip tunnel change gre0 remote <some address> local <some address>
ioctl: No such file or directory

I can create, change and delete other tunnels without any problem, but gre0 just sticks there and does not go away, even if I reboot or take the interfaces down.

If I remove the ip_gre module, the tunnel disappears. As soon as I insert the module again, gre0 reappears and the problem continues.

I have two questions:

What can I do to get rid of this pesky tunnel? I suspect this might be a kernel or a module bug.
Where such persistent data (in this case, the information for gre0, but this applies to any other setup I may be even unaware of) is stored?

If any other information is needed, please let me know.

Thanks a lot for any help.

score 25 · Answer 1 · answered Mar 15 '11 at 20:27

I believe I've found myself an answer to this problem.

After tinkering for a while, I decided to reproduce the problem in a clean installation.

The ip_gre module is not inserted by default in the kernel after installing Debian. ip tunnel show does not display any tunnel. After inserting the ip_gre module, but without creating any tunnel, gre0 appears and is undeletable and unchangeable as expected. Thus gre0 seems to be a dummy tunnel created by default by the ip_gre module.

The frustrating part is that this 'feature' is totally undocumented, and is even an unexpected one, since it might be natural to attempt to create a gre0 tunnel as the first (and only) GRE tunnel in a system.

This is also true for tunl0 and sit0. – Oliver Twist Apr 06 '11 at 09:01 — Oliver Twist, Apr 06 '11 at 09:01
And, for `tunl0`, it's `ipip` instead. – i336_ Aug 24 '19 at 09:00 — i336_, Aug 24 '19 at 09:00

Anton Danilov · Accepted Answer · 2019-07-18T09:55:30.297

The gre0 tunnel interface is named as the fallback interface and has special meaning. It's created by ip_gre kernel module at initialization of module. You cannot disable this feature.

When the host receives gre packets for which the suitable tunnel interface isn't found, this fallback interface will be used. Unfortunately, it's really undocumented feature. Only in the source code this is described.

Same logic is used for other types of tunneling.

So you cannot remove it completely without lost of other gre tunnels. But you can rename it with command ip link set dev gre0 name gre_fallback. And then you can create the other gre tunnel with gre0 name.

After eight years, the correct answer appears. Thanks! – alecov Jul 22 '19 at 15:42 — alecov, Jul 22 '19 at 15:42

score 1 · Answer 3 · edited Jul 18 '19 at 09:47

1

You need to verify that the gre module is completely removed. Run

sudo lsmod | grep gre

to check if the module is in the list. If it is, run

sudo rmmod ip_gre
sudo rmmod gre

to remove them from the kernel.

edited Jul 18 '19 at 09:47

Jenny D

27,358
21
74
110

answered Jul 18 '19 at 03:12

Tony

11
1

Cannot Delete GRE Tunnel

3 Answers3