Hello, I am trying to configure a network like the one in this network diagram:


Well, I have to create a GRE tunnel at my alpha server and route some particular traffic to the GRE tunnel. I want to do the configs on CentOS. I will explain the scenario below:

I have two network cards in my server. One is eth0 and one is eth1. eth1 is connected to the internet and eth0 is connected to Network A. Now I have created a GRE tunnel through the internet, that is, through eth1. Now I want outgoing traffic with a destination IP address such as 190.93.247.183 or www.serverfault.com to go through my GRE tunnel, and all the rest of the traffic should go through eth0. How shall I do this? I think this is possible via static routing. Please explain the commands step by step, as I am not so well versed in CentOS and networking. Thank you.

HopelessN00b

2 Answers

Add a route rule that routes the intended IPs (those on the remote LAN) to the remote IP on the GRE network (the remote router).

Skaperen

While your description does not provide enough information (such as IPs, etc.) for us to provide a full/complete answer, the basic idea is that you create a static route so that any traffic for that specific IP you want goes through the GRE tunnel.

So if, for example, you want to route 190.93.247.183 via the GRE tunnel, you add a static route with the following command.

ip route add 190.93.247.183 via 10.0.0.1 dev tun0

The 10.0.0.1 address is the remote address of the GRE tunnel (not the public address) that will be used as a gateway.
So you replace it with whatever you have configured on your tunnel. In your diagram you mention this address as gre addr.

Also, you need to replace tun0 with whatever name your GRE tunnel interface has.

This route should be added on the client side (I am not sure which side that is on your diagram; you mention alpha and beta there but not in your description).

This will route everything (UDP, TCP, ICMP...) for that IP through the tunnel.
Also keep in mind that this works only for IPs. So if you want to route www.serverfault.com (which resolves to multiple IPs, and may change from time to time) you cannot do it via DNS. You need to add static routes for all related IPs you want to route through the tunnel.

Finally, keep in mind that the static route will be lost after a reboot.
You will need to add it to some configuration file to persist after a reboot. Depending on your distro this is different.

Here's an example for a Debian (or Debian-based) distro:

In the file /etc/network/interfaces:

auto tun1
iface tun1 inet static
    address <tunnel IP>
    netmask <tunnel subnet mask>
    pre-up iptunnel add tun1 mode gre local <local IP> remote <remote IP> ttl 255
    up ifconfig tun1 multicast
    pointopoint <remote tunnel IP>
    post-up ip route add <IP to route via tunnel> via <remote tunnel IP> dev tun1
    post-down iptunnel del tun1

Edit:

My apologies, I didn't see that you have mentioned that you use CentOS.
Here's how to add permanent static routes on a CentOS (or any RHEL based) box.

You need to create a route file based on your interface name.
So for example if your interface name (tunnel in your case) is tun0 then you need to create the following file: /etc/sysconfig/network-interfaces/route-tun0

In it you simply add the following:

<IP to route via tunnel> via <remote tunnel IP>

For any extra IPs or subnets you want to route via the tunnel, you simply add more lines like the one above, in the same file.
For subnets you can add them in the following format: 10.0.0.0/8

Finally, to apply the above configuration you can either bring the tun0 interface down and then up

ifdown tun0 ; ifup tun0

or completely restart the network

service network restart
Cha0s
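
Added example, not part of either answer: because routes match addresses and a hostname's addresses can change, this script resolves the name, prints route file lines in the `<IP> via <remote tunnel IP>` format shown above, and lists resolved addresses that have no entry in an existing route file (traffic to those would bypass the tunnel). The function names and the route file path in the usage comment are hypothetical; `getent ahostsv4` assumes a glibc system.

```shell
#!/bin/bash
# Added example: keep static tunnel routes in step with a hostname's A records.
# Function names are hypothetical; paths and gateway in the usage notes are placeholders.

# Pass through only well-formed IPv4 addresses, one per line, de-duplicated.
valid_ipv4() {
    local o='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
    grep -E "^$o\.$o\.$o\.$o\$" | sort -u
}

# Resolve a name to its current IPv4 addresses (glibc getent; needs working DNS).
resolve_v4() {
    getent ahostsv4 "$1" | awk '{print $1}' | valid_ipv4
}

# stdin: addresses; $1: remote tunnel IP.
# Prints one "<IP> via <remote tunnel IP>" line per valid address.
route_lines() {
    local gw=$1 ip
    printf '%s\n' "$gw" | valid_ipv4 | grep -q . || {
        echo "bad gateway: $gw" >&2
        return 1
    }
    valid_ipv4 | while read -r ip; do
        printf '%s via %s\n' "$ip" "$gw"
    done
}

# stdin: addresses; $1: existing route file.
# Prints addresses that have no host entry in the file, i.e. destinations
# that would currently leave outside the tunnel.
# Limitation: only exact host entries are compared; a covering subnet
# line such as 10.0.0.0/8 is not recognised as a match.
missing_routes() {
    local file=$1 ip
    valid_ipv4 | while read -r ip; do
        awk -v ip="$ip" '$1 == ip || $1 == (ip "/32") { found = 1 }
                         END { exit !found }' "$file" || printf '%s\n' "$ip"
    done
}

# Typical use (nothing runs when this file is sourced):
#   resolve_v4 www.serverfault.com | missing_routes /path/to/route-tun0
#   resolve_v4 www.serverfault.com | route_lines 10.0.0.1
```

Running the `missing_routes` check from cron and alerting on any output shows when the site's addresses have drifted away from the configured routes.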