Create a one-to-many tunnel

Create a one-to-many tunnel

[Vimal]

Hi,

I wish to create an IP in IP tunnel interface that works as follows:

At the sender:
* The interface checks the dst IP address on the IP packet that it receives.
* It encapsulates the IP packet inside another IP packet with:
   Field 1: source address = the interface's IP address
   Field 2: dst address = the packet's dst IP address
* The interface now transmits the packet

This is different from normal IPinIP tunnels because it is not
point-to-point.  The operation in Field 2 is similar to NAT.  Also,
this is different from SNAT, because I want the receiver to know what
the original source IP.

At the receiver, assume that there is a stack that understands this
special IPinIP packet and has a way to handle it.

If it's too specific, then I do not mind implementing it.

Thanks,
-- 
Vimal

Create a one-to-many tunnel

[Matthias Brugger]

Vimal schrieb:
> Hi,
> 
> I wish to create an IP in IP tunnel interface that works as follows:
> 
> At the sender:
> * The interface checks the dst IP address on the IP packet that it receives.
> * It encapsulates the IP packet inside another IP packet with:
>    Field 1: source address = the interface's IP address
>    Field 2: dst address = the packet's dst IP address
> * The interface now transmits the packet

your question isn't clear to me. anyway, have a look on the tun/tap kernel module, so you would be able to do the impementation in userspace (might be good for a first prototype or even good enough...).

good luck.
matthias

> 
> This is different from normal IPinIP tunnels because it is not
> point-to-point.  The operation in Field 2 is similar to NAT.  Also,
> this is different from SNAT, because I want the receiver to know what
> the original source IP.
> 
> At the receiver, assume that there is a stack that understands this
> special IPinIP packet and has a way to handle it.
> 
> If it's too specific, then I do not mind implementing it.
> 
> Thanks,

Create a one-to-many tunnel

[Vimal]

Hi Matthias,

On 15 March 2011 06:26, Matthias Brugger <matthias.bgg@googlemail.com> wrote:
>
> your question isn't clear to me. anyway, have a look on the tun/tap kernel
> module, so you would be able to do the impementation in userspace (might be
> good for a first prototype or even good enough...).
>

Sorry if I wasn't clear.

I wanted to create an IP in IP tunnel interface.  As far as I know,
tunnel creation support is available for point to point tunnels; i.e.,
we setup an IP in IP tunnel from host A (fixed IP)---host B (fixed IP)
and every packet that is transmitted via the tunneled iface at A is
encapsulated with B's IP address and routed from A (to B).

I wanted an iface that does encapsulation irrespective of what the
destination IP is.

i.e., any packet that is transmitted from the tunnel iface on host A
is encapsulated within another IP header.

The reason I need this is that A can have multiple interfaces to reach
B.  Depending on which iface the packet was sent on, I need the source
IP to be changed (which is basically SNAT).  But for some reason, I
require protocol stack at A to bind to one virtual IP address and B to
know what the virtual IP address is.

Yes, tun/tap should be easy to implement in user space.  I was
initially looking at off-the-shelf components.

I looked at the source code of IP in IP tunnel and modified it
accordingly to create a kernel module as per my requirements.

Thanks!
-- 
Vimal