Raw Sockets - IP-Encapsulation

Nobody nobody at nowhere.com
Fri Sep 24 17:51:01 CEST 2010

On Thu, 23 Sep 2010 21:41:19 +0200, Matthias Guentert wrote:

> I would like to create an IP tunnel using the IP protocol type 4
> (socket.IPPROTO_IPIP) on a Linux host. (I also would be happy if I
> could create a GRE tunnel)
> The thing is, I just don't understand how I such a socket could be
> created and then later on handled.

You don't create sockets for IPPROTO_IPIP or IPPROTO_GRE.
Outside of the kernel, those identifiers are only likely to be used for
specifying protocols when e.g. configuring packet filtering.

Tunnelling only involves user-space for configuration. Once a tunnel has
been configured, it's just a networking interface, and any traffic is
handled by the kernel.

Tunnel interfaces are manipulated using the ioctl()s in linux/if_tunnel.h.
Refer to the iproute2 source code for clues.

If for some reason you wanted perform the encapsulation or decapsulation
yourself, you would need to create a packet socket.

More information about the Python-list mailing list