Monday, August 4, 2008

YaST network and Tunnels

From version yast2-network-2.17.14 YaST has support for creating tunnels. This is good for virtual networking, VPN and virtualization.
But theory you can read on many places (including wikipedia), so here is practical example of configuration:

My previous "usual" configuration

urchin:/home/mzugec/svn/trunk/network # ip a
1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet 127.0.0.2/8 brd 127.255.255.255 scope host secondary lo
2: eth0: <broadcast,multicast,promisc,up,lower_up> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:11:d8:39:4e:d0 brd ff:ff:ff:ff:ff:ff
inet 10.20.1.28/21 brd 10.20.7.255 scope global eth0
3: eth1: <broadcast,multicast> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:11:d8:39:5c:e4 brd ff:ff:ff:ff:ff:ff



In YaST, remove configuration from eth0 (because this configuration belongs to bridge - see later)


Create new TAP device, click Next


Leave default "Persistent Tunnel" and set owner and/or group to access this device from user account



Configuration overview


Create new network interface type bridge


Put eth0 and tap0 into bridge and configure bridge with DHCP (as eth0 before)


Configuration overview



urchin:/home/mzugec/svn/trunk/network/src # ip a
1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet 127.0.0.2/8 brd 127.255.255.255 scope host secondary lo
2: eth0: <broadcast,multicast,promisc,up,lower_up> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:11:d8:39:4e:d0 brd ff:ff:ff:ff:ff:ff
3: eth1: <broadcast,multicast> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:11:d8:39:5c:e4 brd ff:ff:ff:ff:ff:ff
24: tap0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast qlen 500
link/ether 00:ff:1c:00:23:8b brd ff:ff:ff:ff:ff:ff
25: br0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc noqueue
link/ether 00:11:d8:39:4e:d0 brd ff:ff:ff:ff:ff:ff
inet 10.20.1.28/21 brd 10.20.7.255 scope global br0

urchin:/home/mzugec/svn/trunk/network/src # brctl show
bridge name bridge id STP enabled interfaces
br0 8000.0011d8394ed0 no eth0
tap0


Using TAP device with VirtualBox.

Virtualized machine through tunnel connected into bridge is accessible from outside network!

5 comments:

Anonymous said...

Really awesome post. This is exactly what I was looking for, and few days ago wasted half a day for this. With other distros you have to mess with command line but with opensuse it's so easy. Thanks.

Anonymous said...

Thumbs up !

Anonymous said...

Thanks for your effort on this! Really great. I've updateded my Suse 11.0 with the yast2-network 2.17.61 and it works (but lost icons in yast) Hint@everybody: All time you alter network config, the default gateway gets lost, you have to reenter this! Symtoms: Can't get through to the internet.

Anonymous said...

Me again..
I resolved the 'lost icons in yast' by updating yast2-theme-openSUSE-Oxygen' from 2.16 to 2.17.x

Anonymous said...

Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you!