I am having problems getting an IPIP tunnel working in Bering <http://leaf.sourceforge.net/devel/jnilo/>. I am
connected to the Internet via a bridged ADSL connection. My ISP is
routing a /28 subnet through a tunnel over the ADSL link.

Routed subnet: 150.101.213.64/28
eth0 - Local physical IP: 150.101.214.214
Remote physical IP: 150.101.214.213

Remote tunnel end IP: 150.101.212.17
eth1 - LAN: 150.101.214.65

I have set the tunnel up with the following commands:

ip tunnel add tunl1 mode ipip remote 150.101.212.17 local
150.101.214.214 ttl 255
ip addr add 150.101.213.65/32 dev tunl1
ip link set tunl1 up


The command 'ip addr' shows:

1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
3: tunl0@NONE: <NOARP> mtu 1480 qdisc noop
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast
qlen 100
link/ether 00:00:d1:ed:6a:c1 brd ff:ff:ff:ff:ff:ff
inet 150.101.214.214/30 brd 150.101.214.215 scope global eth0
5: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:00:d1:ed:6a:c2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.33/24 brd 192.168.1.255 scope global eth1
6: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:00:d1:ed:6a:c3 brd ff:ff:ff:ff:ff:ff
inet 150.101.213.65/28 brd 150.101.213.80 scope global eth2
7: eth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 100
link/ether 00:00:d1:ed:6a:c4 brd ff:ff:ff:ff:ff:ff
8: tunl1@NONE: <POINTOPOINT,NOARP,UP> mtu 1480 qdisc noqueue
link/ipip 150.101.214.214 peer 150.101.212.17
inet 150.101.213.65/32 scope global tunl1


And 'ip route' shows:

150.101.214.212/30 dev eth0 proto kernel scope link src
150.101.214.214
150.101.213.64/28 dev eth2 proto kernel scope link src
150.101.213.65
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.33
default via 150.101.214.213 dev eth0

I can't ping from the outside to any of the tunnelled addresses
including the eth1 device on the router. tcpdump seems to show that
the ping packets are arriving at eth0.

I have removed shorewall until I can get this going to ensure that it
is not blocking anything.

Any ideas gratefully accepted as I need to get this up and running as
soon as possible as I have to cutover my LAN to the ADSL next week.

--
Best wishes,
Malcolm