Trisul Network Analytics
Developer Zone

User Tools

Site Tools

You are here: Home » hardware » Setting up a GRE Tunnel to send Netflow to remote machine
Trace:
hardware:gretunnel

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
hardware:gretunnel [2019/01/07 11:38] veerahardware:gretunnel [2023/04/10 20:06] (current) – [Setting up a GRE Tunnel to send Netflow to remote machine] veera
Line 4: Line 4:
 This document explains how to setup a point to point GRE Tunnel which will be used to route Netflow packets to a remote Trisul. This document explains how to setup a point to point GRE Tunnel which will be used to route Netflow packets to a remote Trisul.
  
-The gateway machine is at one end of the tunnel, the Trisul server is at the other end. All  your routers can send Netflow to the Gateway machine on port 2055, or 5111. They will be send to the Trisul server through the tunnel.+The gateway machine is at one end of the tunnel, the Trisul server is at the other end. All  your routers can send Netflow to the Gateway machine on port 2055, or 5111. They will be send to the Trisul server through the tunnel.  
 + 
 +Substitute the following settings in this guide to suit your environment 
 + 
 +  - Trisul Probe real IP :  192.168.2.99 
 +  - Gateway Node real IP :  192.169.2.81    (both should be able to ping each other) 
 +  - Port used : UDP 5111 
 +  - GRE tunnel for the point to point tunnel : 10.200.200.200/30  (not visible outside)  
 + 
 + 
 +===== Ensure kernel module ip_gre is loaded  ===== 
 + 
 +On the machine ensure the ip_gre kernel module is loaded. If you are using a LXC or Docker container ensure the kernel on the host has the module loaded 
 + 
 +<code> 
 + 
 +modprobe ip_gre 
 + 
 +</code> 
 + 
 +Loading this kernel module will create a device called gre0
  
 ===== Setup GRE on the gateway node ===== ===== Setup GRE on the gateway node =====
Line 23: Line 43:
  
 <code> <code>
-  ip tunnel add gre1 mode gre remote 192.168.2.99 local 192.168.2.81 ttl 255 +ip tunnel add gre1 mode gre remote 192.168.2.99 local 192.168.2.81 ttl 255 
-  ip link set gre1 up +ip link set gre1 up 
-  ip addr add 10.200.200.201/30 dev gre1+ip addr add 10.200.200.201/30 dev gre1
 </code> </code>
  
Line 31: Line 51:
  
 <code> <code>
-ip route+ip route
  
 10.200.200.200/30 dev gre1 proto kernel scope link src 10.10.10.99  10.200.200.200/30 dev gre1 proto kernel scope link src 10.10.10.99 
Line 54: Line 74:
  
 <code> <code>
-  ip tunnel add gre1 mode gre remote 192.168.2.81  local 192.168.2.99  ttl 255 +ip tunnel add gre1 mode gre remote 192.168.2.81  local 192.168.2.99  ttl 255 
-  ip link set gre1 up +ip link set gre1 up 
-  ip addr add  10.200.200.202/30  dev gre1+ip addr add  10.200.200.202/30  dev gre1
 </code> </code>
  
Line 63: Line 83:
  
  
-====== Run Trisul on gre1 in LIBPCAP mode ======+===== Run Trisul on gre1 in LIBPCAP mode =====
  
-Now the Trisul Probe node will get all the router netflows on the new gre1 interface. +Nowthe Trisul Probe node will redeive all the router netflows on the **new gre1** interface.  
  
   - Login as admin   - Login as admin
hardware/gretunnel.1546841302.txt.gz · Last modified: 2019/01/07 11:38 by veera