Differences

This shows you the differences between two versions of the page.

--- hardware:shimtunnel [2019/01/11 14:54] – [Example 2 : bind to a specific local address for tunnel endpoint] veera
+++ hardware:shimtunnel [2019/01/11 18:16] (current) – veera
@@ Line 13: / Line 13: @@
   * Gateway Node real IP : 192.169.2.81 (both should be able to ping each other)
   * Port used : UDP 5111
+  * Source IP to use on the gateway end of shim tunnel : 10.251.52.4
+<note warning>
+**Pre-check**
+  * ensure IP Forwarding is disabled ''echo 0 > /proc/sys/net/ipv4/ip_forward''
+  * local iptables firewall rules allow the UDP port ''iptables -A INPUT -p udp -m udp --dport 5111 -j ACCEPT''
+</note>
 ===== Download the Shim software =====
@@ Line 66: / Line 73: @@
-===== Options using Source NAT =====
+===== Extra reference : Use Source NAT =====
-If the above steps still do not work and a different source IP address is seen for the Shim tunnel use iptables to create a SNAT
+In the very unlikely scenario the above steps dont work and the desired source IP is not seen on the outgoing packets, use SNAT (Source NAT).This example NATs the source IP for udp packets to 5111 (custom netflow)  to be the Shim end point.
-This example NATs the source IP for udp packets to 5111 (custom netflow)  to be the Shim end point.
+<code>
+iptables -t nat -A   POSTROUTING -p udp --dport 5111 \
+    -o enp7s0  -j SNAT --to 10.251.52.4:5111
+</code>
+==== To view rules ====
 <code>
-iptables -t nat -A   POSTROUTING -p udp --dport 5111   -o enp7s0  -j SNAT --to 10.251.52.4:5111
+iptables -t nat -L -v --line-numbers
 </code>
+==== To delete a rule with id 3 ====
+<code>
+iptables -t nat -D POSTROUTING  3
+</code>