I have 2 Linux Servers 'X' and 'Y'.
Server X has lots of resources but 2 public IPs (1 main IP bound as eth0 and 1 additional IP bound as eth0:0).
Server Y has 9 public IPs (1 main IP bound as eth0 and 8 additional IPs bound as eth0:0 to eth0:7) but a limited amount of resources.
I want to use server Y's additional IPs (8 IPs) on server X so that server X will have 10 IPs total.
I googled around and I think it's possible to do so using IPIP tunnels/GRE tunnels. I've been trying for a few days, but so far no luck.
Here's what I've been doing on both servers:
Server X
sysctl -w net.ipv4.conf.default.rp_filter=0;
ip tunnel add tunx mode gre remote |Y's Main IP| local |X's Main IP| ttl 255 dev eth0;
ip link set tunx up;
ip addr add 10.10.1.1/32 dev tunx peer 10.10.1.2;
ip addr add |One of Y's Additional IPs|/29 dev eth0;
Server Y
sysctl -w net.ipv4.conf.all.forwarding=1;
sysctl -w net.ipv4.ip_forward=1;
sysctl -w net.ipv4.conf.all.proxy_arp=1;
sysctl -w net.ipv4.conf.eth0.rp_filter=0;
sysctl -w net.ipv4.conf.tun0.rp_filter=0;
ip tunnel add tuny mode gre remote |X's Main IP| local |Y's Main IP| ttl 255 dev eth0;
ip link set tuny up;
ip addr add 10.10.1.2/32 dev tuny;
ip route add |Y's first additional IP|/29 via 10.10.1.2;
After the above commands on both servers when I try the following command from X:
traceroute -s|One of Y's additional IPs| google.com
I get this:
traceroute to google.com (173.194.70.113), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
Best Answer
At least two errors are in your setup:
Also use /32 routes and masks for migrated addresses to prevent routing loops.
Let:
Then the following, I believe, is closer to a working config:
ServerX:
ServerY
You may also consider an alternative setup with a single GRE tunnel and static NAT on ServerY to make the IP addresses on ServerY available for services on ServerX.
UPD:
I just checked this. It seems to be working.
Relevant iptables config to allow traffic flows:
ServerY:
ServerX:
Problems can be debugged in the following order:
ping <tunnel-peer-address>
tcpdump -i tun0 icmp and tcpdump -i eth0 icmp
A good book is "Linux Advanced Routing & Traffic Control HOWTO".
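One way to set up the /32 addresses and routes for migrated IPs over a single GRE tunnel, as an added example that is not the answerer's own configuration. The documentation-range addresses, the alias prefix length, the policy routing table number, proxy ARP on Y's eth0 and loose rp_filter on tunx are assumptions; tunx, tuny and 10.10.1.1/10.10.1.2 are taken from the question.

```shell
#!/bin/sh
# Added example: dry-run by default; APPLY=1 executes the commands as root.
# Constructed values (RFC 5737 documentation addresses), not from the page:
X_MAIN=198.51.100.10                  # X's main IP (assumed)
Y_MAIN=203.0.113.2                    # Y's main IP (assumed)
MIGRATED="203.0.113.9 203.0.113.10"   # Y's additional IPs to move (assumed)
Y_PLEN=29                             # prefix the aliases have on Y's eth0 (assumed)
TABLE=100                             # policy routing table number (assumed)

run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

setup_server_y() {
    run sysctl -w net.ipv4.ip_forward=1
    # Answer ARP on eth0 for addresses that are routed into the tunnel.
    run sysctl -w net.ipv4.conf.eth0.proxy_arp=1
    run ip tunnel add tuny mode gre remote "$X_MAIN" local "$Y_MAIN" ttl 255
    run ip link set tuny up
    run ip addr add 10.10.1.2/32 peer 10.10.1.1 dev tuny
    for ip in $MIGRATED; do
        # Y must stop owning the address, then route exactly that host to X.
        run ip addr del "$ip/$Y_PLEN" dev eth0
        run ip route add "$ip/32" dev tuny
    done
}

setup_server_x() {
    run ip tunnel add tunx mode gre remote "$Y_MAIN" local "$X_MAIN" ttl 255
    run ip link set tunx up
    run ip addr add 10.10.1.1/32 peer 10.10.1.2 dev tunx
    # Loose reverse-path filtering on the tunnel only; eth0 keeps its setting.
    run sysctl -w net.ipv4.conf.tunx.rp_filter=2
    # Traffic sourced from a migrated address leaves through the tunnel.
    run ip route add default dev tunx table "$TABLE"
    for ip in $MIGRATED; do
        run ip addr add "$ip/32" dev tunx
        run ip rule add from "$ip" lookup "$TABLE"
    done
}

case "${1:-}" in
    x) setup_server_x ;;
    y) setup_server_y ;;
esac
```

Run it with `x` or `y` as the argument to print that server's commands; set `APPLY=1` to execute them as root.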