FOO-over-UDP (FOU) can be able to encapsulate any IP protocol over UDP.
Example of configuration
Left site:
modprobe fou
ip fou add port 5555 ipproto 4
ip link add name tun1 type ipip \
remote 192.0.2.2 \
local 192.0.2.1 \
mode ipip \
ttl 255 \
dev eth1 \
encap fou \
encap-sport 5555 \
encap-dport 6666
ip add add 10.0.0.1 peer 10.0.0.2 dev tun1
sudo ip link set dev tun1 upRight site:
modprobe fou
ip fou add port 6666 ipproto 4
modprobe fou
ip link add name tun1 type ipip \
remote 192.0.2.1 \
local 192.0.2.2 \
mode ipip \
ttl 255 \
dev eth1 \
encap fou \
encap-sport 6666 \
encap-dport 5555
ip add add 10.0.0.2 peer 10.0.0.1 dev tun1
sudo ip link set dev tun1 upPing from R2 => R1 and
root@r1-roll:/home/vyos# ping 10.0.0.1 PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data. 64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.419 ms 64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.753 ms 64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=0.831 ms 64 bytes from 10.0.0.1: icmp_seq=4 ttl=64 time=1.03 ms 64 bytes from 10.0.0.1: icmp_seq=5 ttl=64 time=0.711 ms 64 bytes from 10.0.0.1: icmp_seq=6 ttl=64 time=0.920 ms
Dump from R1
[email protected]# sudo tcpdump -nti eth1 not stp tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes IP 192.0.2.2.6666 > 192.0.2.1.5555: UDP, length 84 IP 192.0.2.1.5555 > 192.0.2.2.6666: UDP, length 84 IP 192.0.2.2.6666 > 192.0.2.1.5555: UDP, length 84 IP 192.0.2.1.5555 > 192.0.2.2.6666: UDP, length 84 IP 192.0.2.2.6666 > 192.0.2.1.5555: UDP, length 84 IP 192.0.2.1.5555 > 192.0.2.2.6666: UDP, length 84 IP 192.0.2.2.6666 > 192.0.2.1.5555: UDP, length 84 IP 192.0.2.1.5555 > 192.0.2.2.6666: UDP, length 84
https://lwn.net/Articles/614348/
https://people.netfilter.org/pablo/netdev0.1/papers/UDP-Encapsulation-in-Linux.pdf
https://developers.redhat.com/blog/2019/05/17/an-introduction-to-linux-virtual-interfaces-tunnels#fou
https://manpages.debian.org/unstable/iproute2/ip-fou.8.en.html