LoginSignup
0
0
@spicecurry05(スパイスカレー)

IPinIPの検証

Posted at

概要

LinuxのIP in IPを検証する。
ip tunnelコマンドでトンネルを作成する。

環境

  • osx上でmultipassで仮想マシン(Ubuntu20.04)を複数起動し構築する。

検証1

network namespaceで以下の環境を構築する。

Untitled Diagram-4.drawio-3.png


sudo ip netns add moon
sudo ip netns add sun
sudo ip netns add sun-lan

sudo ip link add sunlan-veth0 type veth peer name sun-veth0
sudo ip link add sun-veth1 type veth peer name moon-veth1
sudo ip link set sunlan-veth0 netns sun-lan
sudo ip link set sun-veth0 netns sun
sudo ip link set sun-veth1 netns sun
sudo ip link set moon-veth1 netns moon

sudo ip netns exec sun-lan ip link set sunlan-veth0 up
sudo ip netns exec sun ip link set sun-veth1 up
sudo ip netns exec sun ip link set sun-veth0 up
sudo ip netns exec moon ip link set moon-veth1 up
sudo ip netns exec sun sysctl net.ipv4.ip_forward=1

sudo ip netns exec sun ip addr add 172.16.17.18/16 dev sun-veth1
sudo ip netns exec moon ip addr add 172.16.17.19/16  dev moon-veth1

sudo ip netns exec sun ip addr add 192.168.0.1/24 dev sun-veth0
sudo ip netns exec sun-lan ip addr add 192.168.0.10/24 dev sunlan-veth0 

sudo ip netns exec sun-lan ip route add  default via 192.168.0.1

sudo ip netns exec sun ip tunnel add tun0 mode ipip remote 172.16.17.19 local 172.16.17.18 dev sun-veth1
sudo ip netns exec sun ifconfig tun0 10.0.0.1 netmask 255.255.255.252 pointopoint 10.0.0.2
sudo ip netns exec sun ifconfig tun0 mtu 1500 up

sudo ip netns exec moon ip tunnel add tun0 mode ipip remote 172.16.17.18 local 172.16.17.19 dev moon-veth1
sudo ip netns exec moon ifconfig tun0 10.0.0.2 netmask 255.255.255.252 pointopoint 10.0.0.1
sudo ip netns exec moon ifconfig tun0 mtu 1500 up

sudo ip netns exec sun route add -net 10.0.0.2 netmask 255.255.255.255 dev tunl0
sudo ip netns exec moon ip route add default via 10.0.0.1

moonの環境ではping応答をするためにdefault gwをトンネルに設定。

pingで導通することを確認。

ubuntu@ipip:~$ sudo ip netns exec sun ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.034 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.065 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=64 time=0.049 ms
64 bytes from 10.0.0.2: icmp_seq=4 ttl=64 time=0.060 ms
64 bytes from 10.0.0.2: icmp_seq=5 ttl=64 time=0.060 ms
64 bytes from 10.0.0.2: icmp_seq=6 ttl=64 time=0.058 ms
64 bytes from 10.0.0.2: icmp_seq=7 ttl=64 time=0.059 ms
64 bytes from 10.0.0.2: icmp_seq=8 ttl=64 time=0.059 ms
^C
--- 10.0.0.2 ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7348ms
rtt min/avg/max/mdev = 0.034/0.055/0.065/0.009 ms
ubuntu@ipip:~$ sudo ip netns exec sun-lan ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=63 time=0.052 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=63 time=0.076 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=63 time=0.074 ms
^C
--- 10.0.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2035ms
rtt min/avg/max/mdev = 0.052/0.067/0.076/0.010 ms

パケットキャプチャでカプセル化されていることを確認。

スクリーンショット 2024-01-01 16.04.46.png

参考

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0