From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Ramon de Vries" <ds9a@ramondevries.nl>
Date: Wed, 02 Oct 2002 00:17:32 +0000
Subject: [LARTC] Problems with GRE-tunnel and IP Masq
Message-Id: <marc-lartc-103351803615780@msgid-missing>
List-Id: <lartc.vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Hi all,

I'm managing a wireless network with around 70 sites in Ecuador, all linux
routers and Lucent RG-1000/Aironet bridges.
I have 5 exits (5 diffent ISPs) in my network and I want to change the
static routing for dynamic routing  with  redundancy.
Because all 5 ISPs have their own clients I want to connect all clients to
their ISP using GRE tunnels (and in the future IPSEC) and internally do
dynamic routing between client and ISP.

But I run in a strange problem: When I use GRE tunnel with static routing
(with and without IP Masq), sending and  recieving e-mail, pinging internet
and traceroute works OK, but surfing the web is extreemly slow (NOT
WORKING).
(below more information on setup, without tunnel everything is working OK)

I searched the internet but could not find any similar cases, what's
happening? Is this a problem with MTU? GRE is 1476  the other interfaces
1500 or something else?
(we observed a strange effect, if we surf the web via a yahoo messenger it
does work!!!, but within IE it doesn't)

Can I solve the dynamic routing with 5 exits (and for every client it's own
exit ) in another way?

(it's important that very client enters/leaves through their ISP, only my
internal network should be dynamic)

Ramon


-----------------------
Setup
---------
I'm using RedHat linux 7.3 kernel 2.4.9-31
client network (windows)
192.168.236.0/24
    |
    |
linux box
eth0 192.168.236.1
eth1 10.9.8.61
eth1 GRE tunnel to 10.8.8.1
    |
    |
wireless network
10.0.0.0/8 (3 linux hops, min 50 ms avg 150ms max 250ms)
    |
    |
linux box
eth1 10.8.8.1
eth1 GRE tunnel to 10.9.8.61
eth0 real IP 200.61.x.y using IP Masq for private net 192.168.0.0/16


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/