Home / server / Questions / 247767
Accepted
alecov
Asked: 2011-03-16 11:01:11 +0800 CST

Cannot Delete GRE Tunnel

  • 772

I am configuring a GRE tunnel in Linux 2.6.26 and I've been facing a very strange problem for which I could not find any solution.

I have created a GRE tunnel called gre0, but no matter what I do, I am simply unable to delete this tunnel. The command ip tunnel del gre0 fails with the response ioctl: Operation not permitted. Any attempt to change the addresses of the tunnel also fails.

The following commands illustrate the problem:

# ip tunnel del gre0
ioctl: Operation not permitted
# ip tunnel change gre0
# ip tunnel change gre0 remote <some address> local <some address>
ioctl: No such file or directory

I can create, change and delete other tunnels without any problem, but gre0 just sticks there and does not go away, even if I reboot or take the interfaces down.

If I remove the ip_gre module, the tunnel disappears. As soon as I insert the module again, gre0 reappears and the problem continues.

I have two questions:

  1. What can I do to get rid of this pesky tunnel? I suspect this might be a kernel or a module bug.
  2. Where such persistent data (in this case, the information for gre0, but this applies to any other setup I may be even unaware of) is stored?

If any other information is needed, please let me know.

Thanks a lot for any help.

linux tunneling gre

3 Answers

  1. I believe I've found myself an answer to this problem.

    After tinkering for a while, I decided to reproduce the problem in a clean installation.

    The ip_gre module is not inserted by default in the kernel after installing Debian. ip tunnel show does not display any tunnel. After inserting the ip_gre module, but without creating any tunnel, gre0 appears and is undeletable and unchangeable as expected. Thus gre0 seems to be a dummy tunnel created by default by the ip_gre module.

    The frustrating part is that this 'feature' is totally undocumented, and is even an unexpected one, since it might be natural to attempt to create a gre0 tunnel as the first (and only) GRE tunnel in a system.

    • 25
  2. Best Answer

    The gre0 tunnel interface is named as the fallback interface and has special meaning. It's created by ip_gre kernel module at initialization of module. You cannot disable this feature.

    When the host receives gre packets for which the suitable tunnel interface isn't found, this fallback interface will be used. Unfortunately, it's really undocumented feature. Only in the source code this is described.

    Same logic is used for other types of tunneling.

    So you cannot remove it completely without lost of other gre tunnels. But you can rename it with command ip link set dev gre0 name gre_fallback. And then you can create the other gre tunnel with gre0 name.

    • 6

  3. You need to verify that the gre module is completely removed. Run

    sudo lsmod | grep gre

    to check if the module is in the list. If it is, run

    sudo rmmod ip_gre
sudo rmmod gre

    to remove them from the kernel.

    • 1