GRE tunnel

Discussion in 'Systems Administration' started by McKing69, May 3, 2015.

  1. Hello, I'm looking a way to proxy over traffic between one of our main nodes and a backend node.
    So I was considering a few options,

    TcpTunnel
    ubuntu Redir.

    The issue with these is they don't forward IP's and really are a bit annoying.

    If I setup a GRE tunnel between the main and backend node will it essentially forward traffic between them with the original persons IP? and if so would the person be able to figure this out?
     
  2. MikeA

    MikeA Retired Moderator
    Retired Benefactor

    If you setup GRE (properly, at least) you'll be able to see player IPs fine. I wouldn't recommend using TCP tunnels for DDoS protection if that's what your only reason for using it is. Are you just having a hard time setting up GRE or something else?
     
  3. I just haven't ever set it up - I've seen some great detailed tutorials for first timers and I'm probably going to follow one on 2 testing nodes and trial and see how it goes I was just wondering if IP's indeed do forward.

    In terms of TCP tunnels, I've been fine them because the machines that are the tunnels are protected by devices infront of the machine so if it doesn't get filtered prior to hitting the machine then it wont ever be filtered by anything other then basic IPTable rules.

    Anyways, Thanks I've got atleast a go-ahead in knowing that it'll work (and be better then our setup)
     
  4. depending on your network topology you can use NAT to forward the traffic