=== ip L2TP Connectivity ===
[[TOC(dSite/mConnectivity*)]]

==== Installing the Prerequisite Software ====
We're using the ip l2tp tunnels that have been part of the Linux kernel since version 2.6.35. To use them you must load the l2tp_eth module (manually), as this support is not loaded automatically. Tunnels are built in a two-stage process that uses ''/etc/network/interfaces'' and the script that brings the interfaces up (''tunnel.sh'').

==== Configuring the tunnel ====
''/etc/network/interfaces'' should look like:
{{{
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface - this is the outbound interface (static assignment)
auto eth0
iface eth0 inet static
    address XXX.YYY.ZZZ.111
    netmask 255.255.255.224
    gateway XXX.YYY.ZZZ.1
    dns-nameservers 8.8.8.8

auto eth1
iface eth1 inet manual
}}}

The convention we've adopted is that '''eth0 is the externally routable interface''' and '''eth1''' is the local subnet interface (please note that it doesn't need an IP address at this stage).

The tunnel script (''tunnel.sh'') looks like:
{{{
#!/bin/bash
# Load L2TPv3 Ethernet pseudowire support (not loaded automatically)
modprobe l2tp_eth
# Bring up the local subnet interface
ifconfig eth1 up
# Create the tunnel; "local" is the eth0 address from /etc/network/interfaces
ip l2tp add tunnel remote 128.6.192.147 local XXX.YYY.ZZZ.111 \
    tunnel_id 1 peer_tunnel_id 1 udp_sport 3000 udp_dport 3000 encap udp
# Create the session, which appears as the interface l2tpsess1
ip l2tp add session name l2tpsess1 \
    tunnel_id 1 session_id 1 peer_session_id 1
ip link set l2tpsess1 up mtu 1446
# Create the bridge and attach the session interface and eth1 to it
ip link add brvlan1 type bridge
ip link set l2tpsess1 master brvlan1
ip link set eth1 master brvlan1
ifconfig brvlan1 up
}}}

This script performs the following actions:
 1. Loads the l2tp kernel module
 1. Brings up the local interfaces
 1. Brings up the tunnel
 1. Creates the session for the interface
 1. Creates the bridge
 1. Connects the session interface to the local interface (i.e. bridges the two interfaces)
 1. Brings the bridge up.

You can check the newly created bridge functionality after running the script by executing:
{{{
root@landing1:/root# brctl show brvlan1
bridge name     bridge id               STP enabled     interfaces
brvlan1         8000.003048b19da9       no              eth1
                                                        l2tpsess1
}}}
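
A static ip l2tp tunnel has no control protocol to negotiate its parameters, so the script on the far end has to mirror ''tunnel.sh'' field for field. The following is an added example, not part of the original page: a POSIX shell check that compares the two ends' `ip l2tp add` lines. The helper names and the sample lines (documentation addresses, distinct IDs and ports) are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that both ends of a static L2TPv3 tunnel mirror each other.

# get_opt KEY LINE: print the word that follows KEY in an `ip l2tp add ...` line.
get_opt() (
    key=$1
    set -f              # no globbing while the line is word-split
    set -- $2
    while [ $# -gt 1 ]; do
        [ "$1" = "$key" ] && { printf '%s\n' "$2"; exit 0; }
        shift
    done
    exit 1
)

# check_mirror A_LINE B_LINE KEY_A:KEY_B...: each KEY_A on end A must equal
# KEY_B on end B. Prints one line per mismatch, returns non-zero if any.
check_mirror() (
    a=$1 b=$2 rc=0
    shift 2
    for pair in "$@"; do
        ka=${pair%%:*} kb=${pair##*:}
        va=$(get_opt "$ka" "$a") || va='<missing>'
        vb=$(get_opt "$kb" "$b") || vb='<missing>'
        if [ "$va" != "$vb" ] || [ "$va" = '<missing>' ]; then
            echo "MISMATCH: A $ka=$va, B $kb=$vb"
            rc=1
        fi
    done
    exit $rc
)

check_tunnel() {
    check_mirror "$1" "$2" local:remote remote:local \
        tunnel_id:peer_tunnel_id peer_tunnel_id:tunnel_id \
        udp_sport:udp_dport udp_dport:udp_sport encap:encap
}

check_session() {
    check_mirror "$1" "$2" session_id:peer_session_id peer_session_id:session_id
}

# Constructed sample lines (documentation addresses, not the page's hosts).
SITE_A='ip l2tp add tunnel remote 198.51.100.20 local 192.0.2.10 tunnel_id 1 peer_tunnel_id 2 udp_sport 3000 udp_dport 3001 encap udp'
SITE_B='ip l2tp add tunnel remote 192.0.2.10 local 198.51.100.20 tunnel_id 2 peer_tunnel_id 1 udp_sport 3001 udp_dport 3000 encap udp'

check_tunnel "$SITE_A" "$SITE_B" && echo "OK: tunnel ends mirror each other"
# Reusing end A's line unchanged on end B is reported field by field:
check_tunnel "$SITE_A" "$SITE_A" || echo "end B was not mirrored"
```

Pass each end's `ip l2tp add tunnel` line to `check_tunnel` and each end's `ip l2tp add session` line to `check_session` before bringing the tunnel up.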