FOO-over-UDP (FOU) can be able to encapsulate any IP protocol over UDP.
Example of configuration
Left site:
modprobe fou ip fou add port 5555 ipproto 4 ip link add name tun1 type ipip \ remote 192.0.2.2 \ local 192.0.2.1 \ mode ipip \ ttl 255 \ dev eth1 \ encap fou \ encap-sport 5555 \ encap-dport 6666 ip add add 10.0.0.1 peer 10.0.0.2 dev tun1 sudo ip link set dev tun1 up
Right site:
modprobe fou ip fou add port 6666 ipproto 4 modprobe fou ip link add name tun1 type ipip \ remote 192.0.2.1 \ local 192.0.2.2 \ mode ipip \ ttl 255 \ dev eth1 \ encap fou \ encap-sport 6666 \ encap-dport 5555 ip add add 10.0.0.2 peer 10.0.0.1 dev tun1 sudo ip link set dev tun1 up
Ping from R2 => R1 and
root@r1-roll:/home/vyos# ping 10.0.0.1 PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data. 64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.419 ms 64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.753 ms 64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=0.831 ms 64 bytes from 10.0.0.1: icmp_seq=4 ttl=64 time=1.03 ms 64 bytes from 10.0.0.1: icmp_seq=5 ttl=64 time=0.711 ms 64 bytes from 10.0.0.1: icmp_seq=6 ttl=64 time=0.920 ms
Dump from R1
[email protected]# sudo tcpdump -nti eth1 not stp tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes IP 192.0.2.2.6666 > 192.0.2.1.5555: UDP, length 84 IP 192.0.2.1.5555 > 192.0.2.2.6666: UDP, length 84 IP 192.0.2.2.6666 > 192.0.2.1.5555: UDP, length 84 IP 192.0.2.1.5555 > 192.0.2.2.6666: UDP, length 84 IP 192.0.2.2.6666 > 192.0.2.1.5555: UDP, length 84 IP 192.0.2.1.5555 > 192.0.2.2.6666: UDP, length 84 IP 192.0.2.2.6666 > 192.0.2.1.5555: UDP, length 84 IP 192.0.2.1.5555 > 192.0.2.2.6666: UDP, length 84
https://lwn.net/Articles/614348/
https://people.netfilter.org/pablo/netdev0.1/papers/UDP-Encapsulation-in-Linux.pdf
https://developers.redhat.com/blog/2019/05/17/an-introduction-to-linux-virtual-interfaces-tunnels#fou
https://manpages.debian.org/unstable/iproute2/ip-fou.8.en.html