Im trying to configure a GRE over IPSec connection between two subnets. The IPSec tunnel is opened and now I want to add a GRE tunnel over it:
ip tunnel add GRE01 mode gre remote 10.244.0.1 local 10.244.245.32 ttl 255
ip link set GRE01 up
ip addr add 10.244.248.126 dev GRE01
ip route add 10.244.248.125 dev GRE01
Now I have an interface GRE01 (ifconfig):
GRE10 Link encap:UNSPEC HWaddr <h_addr>
inet addr:10.244.248.126 P-t-P:10.244.248.126 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
And the following routes (ip route list):
10.244.248.125 dev GRE10 scope link
<pub_subnet> dev eth0 proto kernel scope link src <pub_ip>
default via <pub_gw> dev eth0 metric 100
As a last step, I need now to route my subnet over the tunnel:
ip route add 10.245.1.224/28 10.244.248.125
However, I am getting the error
Error: either "to" is duplicate, or "10.244.248.125" is a garbage.
So, what I didn't understand is why I can't route my subnet over the tunnel, once the only route I have there says that it should route the tunnel IP over the GRE01 interface. Any hint? Thanks.
Best Answer
You are missing the word via in your route command