1IP-TUNNEL(8)                         Linux                        IP-TUNNEL(8)
2
3
4

NAME

6       ip-tunnel - tunnel configuration
7

SYNOPSIS

9       ip tunnel help
10
11       ip [ OPTIONS ] tunnel { add | change | del | show | prl | 6rd } [ NAME
12               ]
13               [ mode MODE ] [ remote ADDR ] [ local ADDR ]
14               [ [i|o]seq ] [ [i|o]key KEY ] [ [i|o]csum ] ]
15               [ encaplimit ELIM ] [ ttl|hoplimit TTL ]
16               [ tos TOS ] [ flowlabel FLOWLABEL ]
17               [ prl-default ADDR ] [ prl-nodefault ADDR ] [ prl-delete ADDR ]
18               [ 6rd-prefix ADDR ] [ 6rd-relay_prefix ADDR ] [ 6rd-reset ]
19               [ [no]pmtudisc ] [ [no]ignore-df ] [ [no]allow-localremote ]
20               [ dev PHYS_DEV ]
21
22       MODE :=  { ipip | gre | sit | isatap | vti | ip6ip6 | ipip6 | ip6gre |
23               vti6 | any }
24
25       ADDR := { IP_ADDRESS | any }
26
27       TOS := { STRING | 00..ff | inherit | inherit/STRING | inherit/00..ff }
28
29       ELIM := { none | 0..255 }
30
31       TTL := { 1..255 | inherit }
32
33       KEY := { DOTTED_QUAD | NUMBER }
34
35

DESCRIPTION

37       tunnel objects are tunnels, encapsulating packets in IP packets and
38       then sending them over the IP infrastructure.  The encapsulating (or
39       outer) address family is specified by the -f option. The default is
40       IPv4.
41
42
43       ip tunnel add
44              add a new tunnel
45
46       ip tunnel change
47              change an existing tunnel
48
49       ip tunnel delete
50              destroy a tunnel
51
52              name NAME (default)
53                     select the tunnel device name.
54
55
56              mode MODE
57                     set the tunnel mode. Available modes depend on the encap‐
58                     sulating address family.
59                     Modes for IPv4 encapsulation available: ipip, sit, isa‐
60                     tap, vti, and gre.
61                     Modes for IPv6 encapsulation available: ip6ip6, ipip6,
62                     ip6gre, vti6, and any.
63
64
65              remote ADDRESS
66                     set the remote endpoint of the tunnel.
67
68
69              local ADDRESS
70                     set the fixed local address for tunneled packets.  It
71                     must be an address on another interface of this host.
72
73
74              ttl N
75
76              hoplimit N
77                     set a fixed TTL (IPv4) or hoplimit (IPv6) N on tunneled
78                     packets.  N is a number in the range 1--255. 0 is a spe‐
79                     cial value meaning that packets inherit the TTL value.
80                     The default value for IPv4 tunnels is: inherit.  The
81                     default value for IPv6 tunnels is: 64.
82
83
84
85              tos T
86
87              dsfield T
88
89              tclass T
90                     set the type of service (IPv4) or traffic class (IPv6)
91                     field on tunneled packets, which can be specified as
92                     either a two-digit hex value (e.g. c0) or a predefined
93                     string (e.g. internet).  The value inherit causes the
94                     field to be copied from the original IP header. The val‐
95                     ues inherit/STRING or inherit/00..ff will set the field
96                     to STRING or 00..ff when tunneling non-IP packets. The
97                     default value is 00.
98
99
100              dev NAME
101                     bind the tunnel to the device NAME so that tunneled pack‐
102                     ets will only be routed via this device and will not be
103                     able to escape to another device when the route to end‐
104                     point changes.
105
106
107              nopmtudisc
108                     disable Path MTU Discovery on this tunnel.  It is enabled
109                     by default. Note that a fixed ttl is incompatible with
110                     this option: tunneling with a fixed ttl always makes pmtu
111                     discovery.
112
113
114              ignore-df
115                     enable IPv4 DF suppression on this tunnel.  Normally
116                     datagrams that exceed the MTU will be fragmented; the
117                     presence of the DF flag inhibits this, resulting instead
118                     in an ICMP Unreachable (Fragmentation Required) message.
119                     Enabling this attribute causes the DF flag to be ignored.
120
121
122              key K
123
124              ikey K
125
126              okey K ( only GRE tunnels ) use keyed GRE with key K. K is
127                     either a number or an IP address-like dotted quad.  The
128                     key parameter sets the key to use in both directions.
129                     The ikey and okey parameters set different keys for input
130                     and output.
131
132
133              csum, icsum, ocsum
134                     ( only GRE tunnels ) generate/require checksums for tun‐
135                     neled packets.  The ocsum flag calculates checksums for
136                     outgoing packets.  The icsum flag requires that all input
137                     packets have the correct checksum. The csum flag is
138                     equivalent to the combination icsum ocsum.
139
140
141              seq, iseq, oseq
142                     ( only GRE tunnels ) serialize packets.  The oseq flag
143                     enables sequencing of outgoing packets.  The iseq flag
144                     requires that all input packets are serialized.  The seq
145                     flag is equivalent to the combination iseq oseq.  It
146                     doesn't work. Don't use it.
147
148
149              encaplim ELIM
150                     ( only IPv6 tunnels ) set a fixed encapsulation limit.
151                     Default is 4.
152
153
154              flowlabel FLOWLABEL
155                     ( only IPv6 tunnels ) set a fixed flowlabel.
156
157
158              allow-localremote
159                     ( only IPv6 tunnels ) allow remote endpoint on the local
160                     host.
161
162
163       ip tunnel prl
164              potential router list (ISATAP only)
165
166              dev NAME
167                     mandatory device name.
168
169
170              prl-default ADDR
171
172              prl-nodefault ADDR
173
174              prl-delete ADDR
175                     Add or delete ADDR as a potential router or default
176                     router.
177
178
179       ip tunnel show
180              list tunnels This command has no arguments.
181
182

SEE ALSO

184       ip(8)
185
186

AUTHOR

188       Original Manpage by Michail Litvak <mci@owl.openwall.com>
189
190
191
192iproute2                          20 Dec 2011                     IP-TUNNEL(8)
Impressum