-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathblog.html
More file actions
113 lines (110 loc) · 120 KB
/
blog.html
File metadata and controls
113 lines (110 loc) · 120 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
<!doctype html>
<html lang="en" dir="ltr" class="blog-wrapper blog-list-page plugin-blog plugin-id-default" data-has-hydrated="false">
<head>
<meta charset="UTF-8">
<meta name="generator" content="Docusaurus v3.5.1">
<title data-rh="true">Blog | Okda Networks</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:image" content="https://docs.okdanetworks.com/img/logo.png"><meta data-rh="true" name="twitter:image" content="https://docs.okdanetworks.com/img/logo.png"><meta data-rh="true" property="og:url" content="https://docs.okdanetworks.com/blog"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" property="og:title" content="Blog | Okda Networks"><meta data-rh="true" name="description" content="Blog"><meta data-rh="true" property="og:description" content="Blog"><meta data-rh="true" name="docusaurus_tag" content="blog_posts_list"><meta data-rh="true" name="docsearch:docusaurus_tag" content="blog_posts_list"><link data-rh="true" rel="icon" href="/img/favicon2.jpg"><link data-rh="true" rel="canonical" href="https://docs.okdanetworks.com/blog"><link data-rh="true" rel="alternate" href="https://docs.okdanetworks.com/blog" hreflang="en"><link data-rh="true" rel="alternate" href="https://docs.okdanetworks.com/blog" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"Blog","@id":"https://docs.okdanetworks.com/blog","mainEntityOfPage":"https://docs.okdanetworks.com/blog","headline":"Blog","description":"Blog","blogPost":[{"@type":"BlogPosting","@id":"https://docs.okdanetworks.com/blog/first-blog-post","mainEntityOfPage":"https://docs.okdanetworks.com/blog/first-blog-post","url":"https://docs.okdanetworks.com/blog/first-blog-post","headline":"Step-by-Step Guide For Linux L3VPN Using GRE/MPLS","name":"Step-by-Step Guide For Linux L3VPN Using GRE/MPLS","description":"Introduction","datePublished":"2024-07-21T19:56:52.000Z","author":{"@type":"Person","name":"Ali Aqrabawi","description":"Network Engineer","url":"https://github.com/Ali-aqrabawi","image":"/img/blog/aaqrabaw_profile_pic.jpeg"},"keywords":[]}]}</script><link rel="alternate" type="application/rss+xml" href="/blog/rss.xml" title="Okda Networks RSS Feed">
<link rel="alternate" type="application/atom+xml" href="/blog/atom.xml" title="Okda Networks Atom Feed">
<link rel="preconnect" href="https://www.google-analytics.com">
<link rel="preconnect" href="https://www.googletagmanager.com">
<script async src="https://www.googletagmanager.com/gtag/js?id=G-K64WWC47QD"></script>
<script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-K64WWC47QD",{anonymize_ip:!0})</script><link rel="stylesheet" href="/assets/css/styles.fe00b6f4.css">
<script src="/assets/js/runtime~main.6a32927d.js" defer="defer"></script>
<script src="/assets/js/main.07a0095e.js" defer="defer"></script>
</head>
<body class="navigation-with-keyboard">
<script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){try{return new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}}()||function(){try{return window.localStorage.getItem("theme")}catch(t){}}();t(null!==e?e:"light")}(),function(){try{const n=new URLSearchParams(window.location.search).entries();for(var[t,e]of n)if(t.startsWith("docusaurus-data-")){var a=t.replace("docusaurus-data-","data-");document.documentElement.setAttribute(a,e)}}catch(t){}}()</script><div id="__docusaurus"><div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a class="navbar__brand" href="/"><div class="navbar__logo"><img src="/img/logo.png" alt="Okda Networks" class="themedComponent_mlkZ themedComponent--light_NVdE"><img src="/img/logo.png" alt="Okda Networks" class="themedComponent_mlkZ themedComponent--dark_xIcU"></div><b class="navbar__title text--truncate">Okda Networks</b></a><a class="navbar__item navbar__link" href="/category/okda-network-manager">Docs</a><a aria-current="page" class="navbar__item navbar__link navbar__link--active" href="/blog">Blog</a></div><div class="navbar__items navbar__items--right"><a href="https://github.com/okda-networks" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link">GitHub<svg width="13.5" height="13.5" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a><div class="toggle_vylO colorModeToggle_DEke"><button class="clean-btn toggleButton_gllP toggleButtonDisabled_aARS" type="button" disabled="" title="Switch between dark and light mode (currently light mode)" aria-label="Switch between dark and light mode (currently light mode)" aria-live="polite"><svg viewBox="0 0 24 24" width="24" height="24" class="lightToggleIcon_pyhR"><path fill="currentColor" d="M12,9c1.65,0,3,1.35,3,3s-1.35,3-3,3s-3-1.35-3-3S10.35,9,12,9 M12,7c-2.76,0-5,2.24-5,5s2.24,5,5,5s5-2.24,5-5 S14.76,7,12,7L12,7z M2,13l2,0c0.55,0,1-0.45,1-1s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S1.45,13,2,13z M20,13l2,0c0.55,0,1-0.45,1-1 s-0.45-1-1-1l-2,0c-0.55,0-1,0.45-1,1S19.45,13,20,13z M11,2v2c0,0.55,0.45,1,1,1s1-0.45,1-1V2c0-0.55-0.45-1-1-1S11,1.45,11,2z M11,20v2c0,0.55,0.45,1,1,1s1-0.45,1-1v-2c0-0.55-0.45-1-1-1C11.45,19,11,19.45,11,20z M5.99,4.58c-0.39-0.39-1.03-0.39-1.41,0 c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0s0.39-1.03,0-1.41L5.99,4.58z M18.36,16.95 c-0.39-0.39-1.03-0.39-1.41,0c-0.39,0.39-0.39,1.03,0,1.41l1.06,1.06c0.39,0.39,1.03,0.39,1.41,0c0.39-0.39,0.39-1.03,0-1.41 L18.36,16.95z M19.42,5.99c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06c-0.39,0.39-0.39,1.03,0,1.41 s1.03,0.39,1.41,0L19.42,5.99z M7.05,18.36c0.39-0.39,0.39-1.03,0-1.41c-0.39-0.39-1.03-0.39-1.41,0l-1.06,1.06 c-0.39,0.39-0.39,1.03,0,1.41s1.03,0.39,1.41,0L7.05,18.36z"></path></svg><svg viewBox="0 0 24 24" width="24" height="24" class="darkToggleIcon_wfgR"><path fill="currentColor" d="M9.37,5.51C9.19,6.15,9.1,6.82,9.1,7.5c0,4.08,3.32,7.4,7.4,7.4c0.68,0,1.35-0.09,1.99-0.27C17.45,17.19,14.93,19,12,19 c-3.86,0-7-3.14-7-7C5,9.07,6.81,6.55,9.37,5.51z M12,3c-4.97,0-9,4.03-9,9s4.03,9,9,9s9-4.03,9-9c0-0.46-0.04-0.92-0.1-1.36 c-0.98,1.37-2.58,2.26-4.4,2.26c-2.98,0-5.4-2.42-5.4-5.4c0-1.81,0.89-3.42,2.26-4.4C12.92,3.04,12.46,3,12,3L12,3z"></path></svg></button></div><div class="navbarSearchContainer_Bca1"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0"><div class="container margin-vert--lg"><div class="row"><aside class="col col--3"><nav class="sidebar_re4s thin-scrollbar" aria-label="Blog recent posts navigation"><div class="sidebarItemTitle_pO2u margin-bottom--md">Recent posts</div><div role="group"><h3 class="yearGroupHeading_rMGB">2024</h3><ul class="sidebarItemList_Yudw clean-list"><li class="sidebarItem__DBe"><a class="sidebarItemLink_mo7H" href="/blog/first-blog-post">Step-by-Step Guide For Linux L3VPN Using GRE/MPLS</a></li></ul></div></nav></aside><main class="col col--7"><article class="margin-bottom--xl"><header><h2 class="title_f1Hy"><a href="/blog/first-blog-post">Step-by-Step Guide For Linux L3VPN Using GRE/MPLS</a></h2><div class="container_mt6G margin-vert--md"><time datetime="2024-07-21T19:56:52.000Z">July 21, 2024</time> · <!-- -->8 min read</div><div class="margin-top--md margin-bottom--sm row"><div class="col col--12 authorCol_Hf19"><div class="avatar margin-bottom--sm"><a href="https://github.com/Ali-aqrabawi" target="_blank" rel="noopener noreferrer" class="avatar__photo-link"><img class="avatar__photo authorImage_XqGP" src="/img/blog/aaqrabaw_profile_pic.jpeg" alt="Ali Aqrabawi"></a><div class="avatar__intro authorDetails_lV9A"><div class="avatar__name"><a href="https://github.com/Ali-aqrabawi" target="_blank" rel="noopener noreferrer"><span class="authorName_yefp">Ali Aqrabawi</span></a></div><small class="authorTitle_nd0D" title="Network Engineer">Network Engineer</small><div class="authorSocials_rSDt"></div></div></div></div></div></header><div class="markdown"><h2 class="anchor anchorWithStickyNavbar_LWe7" id="introduction">Introduction<a href="#introduction" class="hash-link" aria-label="Direct link to Introduction" title="Direct link to Introduction"></a></h2>
<p>A Layer 3 Virtual Private Network (L3VPN) allows multiple sites
to communicate over a shared IP network as if they were directly connected.
In this blog we will go through the configuration of L3VPN on Linux by using:</p>
<ul>
<li><strong>Network Namespace (NETNS)</strong> to create isolated VPNs on the linux router.</li>
<li><strong>Multiprotocol Label Switching (MPLS)</strong> to label traffic
with the respective VPN identifiers.</li>
<li><strong>Generic Routing Encapsulation (GRE)</strong> to create virtual point-to-point tunnels between sites.</li>
</ul>
<p>By combining MPLS and GRE, you can establish a robust L3VPN.
MPLS labels the traffic to ensure it is routed to the correct VPN,
while GRE tunnels encapsulate the VPN traffic,
allowing it to traverse the underlying IP network securely.
This approach leverages the scalability of MPLS and the flexibility
of GRE to create an effective L3VPN solution.</p>
<h2 class="anchor anchorWithStickyNavbar_LWe7" id="use-case-overview">Use Case Overview<a href="#use-case-overview" class="hash-link" aria-label="Direct link to Use Case Overview" title="Direct link to Use Case Overview"></a></h2>
<p>In this use case, we aim to connect two geographically dispersed sites,
each with multiple VPNs, over a shared IP network using Linux L3VPN with GRE and MPLS.</p>
<h3 class="anchor anchorWithStickyNavbar_LWe7" id="scenario">Scenario<a href="#scenario" class="hash-link" aria-label="Direct link to Scenario" title="Direct link to Scenario"></a></h3>
<ul>
<li><strong>Sites</strong>: Two sites, edge router <code>DENT-1</code> and <code>DENT-2</code>, each with two VPNs.</li>
<li><strong>VPNs</strong>: <code>VPN1</code> and <code>VPN2</code> on both <code>DENT-1</code> and <code>DENT-2</code>.</li>
<li><strong>Network</strong>: An IP network connects <code>DENT-1</code> and <code>DENT-2</code>.</li>
<li><strong>Hosts</strong>: Each site has two hosts each host in different VPN,
<code>PC1</code> and <code>PC3</code> in <code>VPN1</code>, <code>PC2</code> and <code>PC4</code> in <code>VPN2</code>.</li>
<li><strong>MPLS Labels</strong>: The labeling schema in this example will be 100[X][Y],
where <code>X</code> represents the site number (1 for <code>DENT-1</code>, 2 for <code>DENT-2</code>),
and <code>Y</code> represents the VPN ID (1 <code>vpn1</code>, 2 <code>vpn2</code>). e.g. label <code>10021</code> corresponds to <code>DENT-2</code>/<code>vpn1</code>.</li>
</ul>
<h3 class="anchor anchorWithStickyNavbar_LWe7" id="topology">Topology<a href="#topology" class="hash-link" aria-label="Direct link to Topology" title="Direct link to Topology"></a></h3>
<p><img decoding="async" loading="lazy" alt="topology1" src="/assets/images/topology_vpn_gre_mpls-ca4983608c249055fbc4cfad9316703b.png" width="1165" height="571" class="img_ev3q"></p>
<h2 class="anchor anchorWithStickyNavbar_LWe7" id="requirements">Requirements<a href="#requirements" class="hash-link" aria-label="Direct link to Requirements" title="Direct link to Requirements"></a></h2>
<p>Make sure you have the following Linux modules installed:</p>
<div class="language-angular2html codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-angular2html codeBlock_bY9V thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">root@dent-1:~# lsmod</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">Module Size Used by</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip_gre 32768 0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">gre 16384 1 ip_gre</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">mpls_iptunnel 16384 1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">mpls_router 40960 1 mpls_iptunnel</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">mpls_gso 16384 0</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">vrf 36864 0</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div>
<h2 class="anchor anchorWithStickyNavbar_LWe7" id="configuration-steps">Configuration Steps<a href="#configuration-steps" class="hash-link" aria-label="Direct link to Configuration Steps" title="Direct link to Configuration Steps"></a></h2>
<p><code>DENT-1</code> configuration:</p>
<ul>
<li>Create two <code>netns</code>, <code>VPN1</code> and <code>VPN2</code>.</li>
<li>To allow routing from <code>VPN1</code> and <code>VPN2</code> to global netns we need to create two VETHs,
<code>veth1</code> with virtual_peer <code>veth1_vpn1</code> for <code>VPN1->global</code> traffic flow,
and <code>veth2</code> with virtual_peer <code>veth2_vpn2</code> for <code>VPN2->global</code> traffic flow.</li>
<li>Add route for prefix <code>192.168.2.0/24</code> in <code>VPN1</code> to global netns using nexthop <code>veth1_vpn1</code> with via address
of <code>veth1</code>.</li>
<li>Add route for prefix <code>192.168.2.0/24</code> in <code>VPN2</code> to global netns using nexthop <code>veth2_vpn2</code> with via address
of <code>veth2</code>.</li>
<li>Create two VRFs, <code>VRF1</code> with table <code>10011</code>, and <code>VRF2</code> with table <code>10012</code>. Each VRF table will have the respective
routes
for each VPN.</li>
<li>Add ip rule for iif <code>veth1</code> to table <code>10011</code>, to lookup the <code>VRF1</code> table for any traffic coming from <code>VPN1</code> to global
VRF.</li>
<li>Add ip rule for iif <code>veth2</code> to table <code>10012</code>, to lookup the <code>VRF2</code> table for any traffic coming from <code>VPN2</code> to global
VRF.</li>
<li>Create GRE interface <code>GRE1</code> with source <code>1.1.1.1</code> and destination <code>1.1.1.2</code>.</li>
<li>Add the route toward <code>192.168.2.0/24</code> in both VRFs tables to encapsulate the traffic with the mpls labels and to send
the traffic inside the GRE tunnel,<!-- -->
<ul>
<li><code>VPN1</code> will encapsulate the traffic from <code>DENt-1</code> to <code>DENT-2</code> with label <code>10021</code>.</li>
<li><code>VPN2</code> will encapsulate the traffic from <code>DENt-1</code> to <code>DENT-2</code> with label <code>10022</code>.</li>
</ul>
</li>
<li>For return traffic we will add mpls route in the global netns to pop the label and send the traffic
to the right netns according to the incoming label(via veths address).</li>
<li>Lastly enable mpls for <code>gre1</code> interface:<!-- -->
<div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain">sysctl -w net.mpls.platform_labels=100000</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">sysctl -w net.mpls.conf.enp0s4.input=1 </span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div>
</li>
</ul>
<p><code>DENT-2</code> Configuration will be the same, but with reversed labeling.</p>
<h2 class="anchor anchorWithStickyNavbar_LWe7" id="example-configuration">Example Configuration<a href="#example-configuration" class="hash-link" aria-label="Direct link to Example Configuration" title="Direct link to Example Configuration"></a></h2>
<!-- -->
<div class="tabs-container tabList__CuJ"><ul role="tablist" aria-orientation="horizontal" class="tabs"><li role="tab" tabindex="0" aria-selected="true" class="tabs__item tabItem_LNqP tabs__item--active">ONM-CLI</li><li role="tab" tabindex="-1" aria-selected="false" class="tabs__item tabItem_LNqP">IPROUTE2</li><li role="tab" tabindex="-1" aria-selected="false" class="tabs__item tabItem_LNqP">NETCONF</li></ul><div class="margin-top--md"><div role="tabpanel" class="tabItem_Ymn6"><div class="codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-text codeBlock_bY9V thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain"># Create network namespaces</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">netnses-iproute2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> netns vpn1 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> netns vpn2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">!</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Create VRFs</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">links-iproute2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> vrf vrf2 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> vrf-info table 10012</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> vrf vrf1 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> vrf-info table 10011</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> # Create VETH pairs</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> link veth1 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> admin-status up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> ip 1.11.11.2/24 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> type iproute2-ip-link:veth</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> virtual_peer_name veth1_vpn1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> link veth1_vpn1 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> admin-status up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> netns vpn1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> ip 1.11.11.1/24 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> link veth2 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> admin-status up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> ip 2.22.22.2/24 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> type iproute2-ip-link:veth</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> virtual_peer_name veth2_vpn2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> link veth2_vpn2 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> admin-status up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> netns vpn2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> ip 2.22.22.1/24 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> # Configure physical interfaces and assign them to namespaces</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> link enp0s4 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> admin-status up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> ip 1.1.1.1/24 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> link enp0s5 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> admin-status up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> netns vpn1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> ip 192.168.1.100/24 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> link enp0s6 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> admin-status up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> netns vpn2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> ip 192.168.1.100/24 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> # Create GRE tunnel</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> gre gre1 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> admin-status up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> tunnel-info local 1.1.1.1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> tunnel-info remote 1.1.1.2 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">!</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Add routes to leak VPN routes to the global namespace</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">routes-iproute2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> route 192.168.2.0/24 netns vpn1 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> nexthop veth1_vpn1 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> via address 1.11.11.2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> route 192.168.2.0/24 netns vpn2 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> nexthop veth2_vpn2 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> via address 2.22.22.2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> # Add GRE routes in VRF tables for outgoing traffic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> route 192.168.2.0/24 table 10011 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> nexthop gre1 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> encap mpls-encap label 10021</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> route 192.168.2.0/24 table 10012 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> nexthop gre1 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> encap mpls-encap label 10022</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> # Add MPLS routes for incoming traffic to correct VPNs</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> mpls-route 10011 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> dev veth1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> via 1.11.11.2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> mpls-route 10012 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> dev veth2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> via 2.22.22.2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">!</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Create IP rules to use VRF tables for traffic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">rules-iproute2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> rule 1000</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> iif veth1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> action table 10011</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> rule 1001 </span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> iif veth2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> action table 10012</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div><div role="tabpanel" class="tabItem_Ymn6" hidden=""><div class="language-shell codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-shell codeBlock_bY9V thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token plain"># Create network namespaces</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip netns add vpn1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip netns add vpn2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Configure physical interfaces and assign them to namespaces</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link set enp0s4 up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip address add 1.1.1.1/24 dev enp0s4</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link set enp0s5 up netns vpn1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip -n vpn1 address add 192.168.1.100/24 dev enp0s5</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link set enp0s6 up netns vpn2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip -n vpn2 address add 192.168.1.100/24 dev enp0s6</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Create VRFs</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link add vrf1 type vrf table 10011</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link add vrf2 type vrf table 10012</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Create VETH pairs</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link add veth1 type veth peer name veth1_vpn1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link add veth2 type veth peer name veth2_vpn2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link set veth1_vpn1 netns vpn1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link set veth2_vpn2 netns vpn2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip address add 1.11.11.2/24 dev veth1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip address add 2.22.22.2/24 dev veth2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip -n vpn1 address add 1.11.11.1/24 dev veth1_vpn1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip -n vpn2 address add 2.22.22.1/24 dev veth2_vpn2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Create GRE tunnel</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link add gre1 type gre local 1.1.1.1 remote 1.1.1.2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip link set gre1 up</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Add routes to leak VPN routes to the global namespace</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip -n vpn1 route add 192.168.2.0/24 via 1.11.11.2 dev veth1_vpn1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip -n vpn2 route add 192.168.2.0/24 via 2.22.22.2 dev veth2_vpn2</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Create IP rules to use VRF tables for traffic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip rule add iif veth1 table 10011</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip rule add iif veth2 table 10012</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Add GRE routes in VRF tables for outgoing traffic</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip route add 192.168.2.0/24 table 10011 dev gre1 encap mpls 10021</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip route add 192.168.2.0/24 table 10012 dev gre1 encap mpls 10022</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain" style="display:inline-block"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"># Add MPLS routes for incoming traffic to correct VPNs</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip -M route add 10011 via inet 1.11.11.1 dev veth1</span><br></span><span class="token-line" style="color:#393A34"><span class="token plain">ip -M route add 10012 via inet 2.22.22.2 dev veth2</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div><div role="tabpanel" class="tabItem_Ymn6" hidden=""><div class="language-xml codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#393A34;--prism-background-color:#f6f8fa"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-xml codeBlock_bY9V thin-scrollbar" style="color:#393A34;background-color:#f6f8fa"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#393A34"><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">config</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">links</span><span class="token tag" style="color:#00009f"> </span><span class="token tag attr-name" style="color:#00a4db">xmlns</span><span class="token tag attr-value punctuation attr-equals" style="color:#393A34">=</span><span class="token tag attr-value punctuation" style="color:#393A34">"</span><span class="token tag attr-value" style="color:#e3116c">urn:okda:iproute2:ip:link</span><span class="token tag attr-value punctuation" style="color:#393A34">"</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">vrf</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">vrf2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">vrf-info</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">10012</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">vrf-info</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">vrf</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">vrf</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">vrf1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">vrf-info</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">10011</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">vrf-info</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">vrf</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">up</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1.11.11.2/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">type</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">type</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">virtual_peer_name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth1_vpn1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">virtual_peer_name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth1_vpn1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">up</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">vpn1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1.11.11.1/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">up</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">2.22.22.2/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">type</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">type</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">virtual_peer_name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth2_vpn2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">virtual_peer_name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth2_vpn2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">up</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">vpn2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">2.22.22.1/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">enp0s4</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">up</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1.1.1.1/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">enp0s5</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">up</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">vpn1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">192.168.1.100/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">enp0s6</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">up</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">vpn2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">192.168.1.100/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">ip</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">link</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">gre</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">gre1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">up</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">admin-status</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">tunnel-info</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">local</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1.1.1.1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">local</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">remote</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1.1.1.2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">remote</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">tunnel-info</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">gre</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">links</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netnses</span><span class="token tag" style="color:#00009f"> </span><span class="token tag attr-name" style="color:#00a4db">xmlns</span><span class="token tag attr-value punctuation attr-equals" style="color:#393A34">=</span><span class="token tag attr-value punctuation" style="color:#393A34">"</span><span class="token tag attr-value" style="color:#e3116c">urn:okda:iproute2:ip:netns</span><span class="token tag attr-value punctuation" style="color:#393A34">"</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">vpn1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">vpn2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">name</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netnses</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">routes</span><span class="token tag" style="color:#00009f"> </span><span class="token tag attr-name" style="color:#00a4db">xmlns</span><span class="token tag attr-value punctuation attr-equals" style="color:#393A34">=</span><span class="token tag attr-value punctuation" style="color:#393A34">"</span><span class="token tag attr-value" style="color:#e3116c">urn:okda:iproute2:ip:route</span><span class="token tag attr-value punctuation" style="color:#393A34">"</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">prefix</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">192.168.2.0/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">prefix</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">main</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">metric</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">0</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">metric</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">default</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">vpn1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">nexthop</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth1_vpn1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">via</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1.11.11.2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">via</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">nexthop</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">prefix</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">192.168.2.0/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">prefix</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">main</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">metric</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">0</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">metric</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">default</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">vpn2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">nexthop</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth2_vpn2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">via</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">2.22.22.2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">address</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">via</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">nexthop</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">prefix</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">192.168.2.0/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">prefix</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">10011</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">metric</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">0</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">metric</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">default</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">nexthop</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">gre1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">mpls-encap</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">label</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">10021</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">label</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">mpls-encap</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">nexthop</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">prefix</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">192.168.2.0/24</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">prefix</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">10012</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">metric</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">0</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">metric</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">default</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">nexthop</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">gre1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">mpls-encap</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">label</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">10022</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">label</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">mpls-encap</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">nexthop</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">mpls-route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">label</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">10011</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">label</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">mpls-route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">mpls-route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">label</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">10012</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">label</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">dev</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">mpls-route</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">routes</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">rules</span><span class="token tag" style="color:#00009f"> </span><span class="token tag attr-name" style="color:#00a4db">xmlns</span><span class="token tag attr-value punctuation attr-equals" style="color:#393A34">=</span><span class="token tag attr-value punctuation" style="color:#393A34">"</span><span class="token tag attr-value" style="color:#e3116c">urn:okda:iproute2:ip:rule</span><span class="token tag attr-value punctuation" style="color:#393A34">"</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">rule</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">pref</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1000</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">pref</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">from</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">0.0.0.0/0</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">from</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">to</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">0.0.0.0/0</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">to</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">default</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">fwmark</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">0x00</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">fwmark</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">iif</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">iif</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">action</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">10011</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">action</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">rule</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">rule</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">pref</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1001</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">pref</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">from</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">0.0.0.0/0</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">from</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">to</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">0.0.0.0/0</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">to</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">default</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">tos</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">fwmark</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">0x00</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">fwmark</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">1</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">netns</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">iif</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">veth2</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">iif</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">action</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"><</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain">10012</span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">table</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">action</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">rule</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"> </span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">rules</span><span class="token tag punctuation" style="color:#393A34">></span><span class="token plain"></span><br></span><span class="token-line" style="color:#393A34"><span class="token plain"></span><span class="token tag punctuation" style="color:#393A34"></</span><span class="token tag" style="color:#00009f">config</span><span class="token tag punctuation" style="color:#393A34">></span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></div></div>
<h2 class="anchor anchorWithStickyNavbar_LWe7" id="verify">Verify<a href="#verify" class="hash-link" aria-label="Direct link to Verify" title="Direct link to Verify"></a></h2>
<ul>
<li>
<p>Pinging from <code>PC1</code> to <code>PC2</code> is now working though the mpls/gre tunnel:
<img decoding="async" loading="lazy" alt="capture" src="/assets/images/capture-ecc52cbacb30dc738e235abca5f0d026.png" width="1225" height="223" class="img_ev3q"></p>
</li>
<li>
<p>Looking at the icmp request send from <code>PC1</code> we can see it's labeled with <code>10021</code> (DENT-2 <code>vpn1</code> label),
and encapsulated inside the <code>gre1</code> tunnel:
<img decoding="async" loading="lazy" alt="request" src="/assets/images/capture_req_detail-98fc3901ce5acf7187568a294daf7df2.png" width="844" height="224" class="img_ev3q"></p>
</li>
<li>
<p>Same for incoming icmp response from <code>PC2</code> we can see DENT-1's <code>vpn1</code> label.
<img decoding="async" loading="lazy" alt="response" src="/assets/images/capture_resp_detail-0c4fd1031de5f29d9be62914f7095d5e.png" width="844" height="224" class="img_ev3q"></p>
</li>
</ul>
<h2 class="anchor anchorWithStickyNavbar_LWe7" id="conclusion">Conclusion<a href="#conclusion" class="hash-link" aria-label="Direct link to Conclusion" title="Direct link to Conclusion"></a></h2>
<p>This guide shows how to configure an L3VPN using GRE and MPLS on a Linux router,
providing a scalable and flexible solution for routing VPN traffic.
However, GRE tunnels lack inherent security. For a more secure approach,
consider using IPsec with VTI, which offers encryption and authentication to protect your data.</p>
<p>For more details on Linux network configuration, see our <a href="/category/linux-networking">Linux Networking Guide</a>.</p></div><footer class="row docusaurus-mt-lg"><div class="col"><b>Tags:</b><ul class="tags_jXut padding--none margin-left--sm"><li class="tag_QGVx"><a class="tag_zVej tagRegular_sFm0" href="/blog/tags/linux">Linux</a></li><li class="tag_QGVx"><a class="tag_zVej tagRegular_sFm0" href="/blog/tags/vpn">VPN</a></li><li class="tag_QGVx"><a class="tag_zVej tagRegular_sFm0" href="/blog/tags/gre">GRE</a></li><li class="tag_QGVx"><a class="tag_zVej tagRegular_sFm0" href="/blog/tags/mpls">MPLS</a></li><li class="tag_QGVx"><a class="tag_zVej tagRegular_sFm0" href="/blog/tags/yang">YANG</a></li><li class="tag_QGVx"><a class="tag_zVej tagRegular_sFm0" href="/blog/tags/open-networking">Open Networking</a></li></ul></div></footer></article><nav class="pagination-nav" aria-label="Blog list page navigation"></nav></main></div></div></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="row footer__links"><div class="col footer__col"><div class="footer__title">Docs</div><ul class="footer__items clean-list"><li class="footer__item"><a class="footer__link-item" href="/">Okda Network Manager</a></li><li class="footer__item"><a class="footer__link-item" href="/category/linux-networking">Linux Networking</a></li></ul></div><div class="col footer__col"><div class="footer__title">Community</div><ul class="footer__items clean-list"><li class="footer__item"><a href="https://www.linkedin.com/company/okdanetworks" target="_blank" rel="noopener noreferrer" class="footer__link-item">Linkedin<svg width="13.5" height="13.5" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li class="footer__item"><a href="https://twitter.com/okdanetworks" target="_blank" rel="noopener noreferrer" class="footer__link-item">Twitter<svg width="13.5" height="13.5" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li></ul></div><div class="col footer__col"><div class="footer__title">More</div><ul class="footer__items clean-list"><li class="footer__item"><a class="footer__link-item" href="/blog">Blog</a></li><li class="footer__item"><a href="https://github.com/okda-networks" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub<svg width="13.5" height="13.5" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li></ul></div></div><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2024 Okda Networks, Inc.</div></div></div></footer></div>
</body>
</html>