Git Product home page Git Product logo

linux-gre-keepalive's Introduction

linux-gre-keepalive

This eBPF program adds high-performance reply-only GRE keepalive support for Linux kernel.

Build Status

Note: If you don't want to install anything and don't care about some potential security problems, just enable the following 2 options to get native GRE keepalive support on Linux:

sysctl net.ipv4.conf.default.accept_local=1
sysctl net.ipv4.conf.all.accept_local=1

Compatiblity

Protocol Linux name XDP Executable Tested Vendors Comments
GRE gre keepalive_gre.o Cisco, MikroTik
GRE6 ip6gre keepalive_gre6.o MikroTik

Usage

Simply load the correct XDP executable on the tunnel interface you just created. For example, assume you have set up the GRE tunnel as gre0, to enable GRE keepalive:

ip link set dev gre0 xdp object build/keepalive_gre.o

To disable it without removing the tunnel interface:

ip link set dev gre0 xdp off

Loading an executable on other types of interfaces is considered an undefined behavior.

Caveats

GRE on Cisco IOS XE

On Cisco IOS XE, you must explicitly configure an ip address or an ipv6 address to make the GRE tunnel actually send something. If you don't configure IP addresses, debug tunnel keepalive will still show keepalive packets being sent, but the other end won't receive anything. A valid configuration example:

interface Tunnel10
 ip address 10.0.0.1 255.255.255.0
 keepalive 1 2
 tunnel source GigabitEthernet1
 tunnel destination your.other.end.ip.address
 tunnel mode gre ip

GRE6 (ip6gre) keepalive support

GRE6 keepalive is not supported by:

MikroTik RouterOS implements their own GRE IPv6 keepalive with inner GRE header's proto field set to 0x86dd. This have been implemented by us.

Building

Assume we are on a Debian 10.

sudo apt install build-essential clang llvm libelf-dev gcc-multilib linux-headers-$(dpkg --print-architecture)
make all

Debugging

View compiled bytecode:

llvm-objdump -S build/keepalive_gre.o

Enabling debugging output:

#define DEBUG
#define DEBUG_PRINT_HEADER_SIZE 32

Then view debug output after enabling it by:

cat /sys/kernel/debug/tracing/trace_pipe

References

Here's a list of awesome articles and projects I found useful:

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.