I know we’re all usually running big gear, but I’ve been tasked with building some appliances to run in the cloud as VMs.
Looking for someone who has built on CentOS 7 using IPSec and GRE tunnels. Having an issue with GRE tunnels and traceroute that’s pulling my hair out.
If you’d like to discuss, reply off list.
Thanks to Robert McKay for the answer that fixed it.
His explanation was:
Did you forget to add ttl 255 (or similar) to the tunnel setup? By default the GRE packets will end up with the TTL set to the same as the inside payload TTL, so when you traceroute they won't reach the other gateway. That sounds like what you might be talking about?
Added TTL=255 to the ifcfg-tun* config files and all is well.
Thanks to the others for their ideas (too many to name).
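
A check for the same omission on other appliances, as an added example that is not part of the original post or of Robert's reply: it lists GRE tunnel configs that leave the outer TTL to be inherited from the payload. It assumes CentOS 7 network-scripts style `ifcfg-tun*` files with `TYPE=` and `TTL=` keys; the function names, sample directory and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag GRE tunnel configs that do not pin the outer TTL.
# Assumption: CentOS 7 network-scripts files named ifcfg-tun* using TYPE= and TTL=.

# Print the value of key $2 in ifcfg file $1 (last assignment wins, quotes stripped).
ifcfg_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d "\"'"
}

# Print one line for each GRE config in directory $1 whose TTL is unset or "inherit".
audit_gre_ttl() {
    for f in "$1"/ifcfg-tun*; do
        [ -f "$f" ] || continue
        case "$(ifcfg_get "$f" TYPE)" in
            GRE|gre) ;;
            *) continue ;;
        esac
        ttl=$(ifcfg_get "$f" TTL)
        if [ -z "$ttl" ] || [ "$ttl" = "inherit" ]; then
            echo "${f##*/}: TTL not set, outer TTL inherits from payload"
        fi
    done
    return 0
}

# Constructed sample: tun0 lacks TTL, tun1 sets TTL=255 (documentation addresses).
make_sample() {
    d=$(mktemp -d)
    printf '%s\n' 'DEVICE=tun0' 'TYPE=GRE' \
        'MY_OUTER_IPADDR=192.0.2.1' 'PEER_OUTER_IPADDR=198.51.100.1' \
        > "$d/ifcfg-tun0"
    printf '%s\n' 'DEVICE=tun1' 'TYPE=GRE' \
        'MY_OUTER_IPADDR=192.0.2.1' 'PEER_OUTER_IPADDR=198.51.100.2' \
        'TTL=255' > "$d/ifcfg-tun1"
    echo "$d"
}

sample=$(make_sample)
audit_gre_ttl "$sample"
rm -rf "$sample"
```

On a real host, point `audit_gre_ttl` at `/etc/sysconfig/network-scripts` instead of the sample directory.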