Forum Discussion

eric_156978's avatar
Jan 29, 2016
Solved

GRE Tunnel From F5 to Linux Server

Hi,

I have 2 redhat 6 linux servers that have a GRE tunnel configured between them as follows:

GRE1 Linux Server:
ONBOOT=yes
DEVICE=tun0
TYPE=GRE
MY_INNER_IPADDR=192.168.255.2
PEER_INNER_IPADDR=192.168.255.1
PEER_OUTER_IPADDR=1.1.1.1
MY_OUTER_IPADDR=2.2.2.2

GRE2 Linux Server:
ONBOOT=yes
DEVICE=tun0
TYPE=GRE
MY_INNER_IPADDR=192.168.255.1
PEER_INNER_IPADDR=192.168.255.2
PEER_OUTER_IPADDR=2.2.2.2
MY_OUTER_IPADDR=1.1.1.1

This is working just fine and I can ping both inner IPs from both directions.

I would like to replace GRE2 with an F5 and have it provide the exact same GRE tunnel to GRE1

I've tried creating the tunnel and assigning a self IP, however, I can't seem to get ping to work and I'm confused on where each of the IP addresses would go in the F5 configuration (MY_INNER_IPADDR, PEER_INNER_IPADDR, etc).

I'm looking for advise on how to mimic the configuration in GRE2 onto the F5.

Thanks!

  • I got this working.

    GRE2 to F5 translation looks like this:

    Create the tunnel:

    Network->Tunnels->Create
    Name: MyGRETunnel
    Encapsulation Type: GRE
    Local Address: 1.1.1.1
    Remote Address(Specify): 2.2.2.2
    

    Create SelfIP

    Network->SelfIPs->create
    Name: GRESelfIP
    IP Address: 192.168.255.1
    VLAN/Tunnel: MyGRETunnel
    

    Also ensure protocol 47(GRE) is allowed through firewalls and its working great.

2 Replies

  • Tunnel objects on BIG-IP act similarly to VLANs. The outer addresses should be configured as the Local and Remote address on the Tunnel configuration. MY_INNER_IPADDR should be configured as a self-IP - since BIG-IP doesn't have a directly analogous concept to Linux point-to-point links, as long as your IP addresses are adjacent and the lower one's last octet is a multiple of 2 you may be able to configure a /31 subnet for the self-IP to get similar behavior.

     

  • I got this working.

    GRE2 to F5 translation looks like this:

    Create the tunnel:

    Network->Tunnels->Create
    Name: MyGRETunnel
    Encapsulation Type: GRE
    Local Address: 1.1.1.1
    Remote Address(Specify): 2.2.2.2
    

    Create SelfIP

    Network->SelfIPs->create
    Name: GRESelfIP
    IP Address: 192.168.255.1
    VLAN/Tunnel: MyGRETunnel
    

    Also ensure protocol 47(GRE) is allowed through firewalls and its working great.