This eBPF program adds high-performance reply-only GRE keepalive support for Linux kernel.
|Protocol||Linux name||XDP Executable||Tested Vendors||Comments|
Simply load the correct XDP executable on the tunnel interface you just created. For example, assume you have set up the GRE tunnel as
gre0, to enable GRE keepalive:
ip link set dev gre0 xdp object build/keepalive_gre.o
To disable it without removing the tunnel interface:
ip link set dev gre0 xdp off
Loading an executable on other types of interfaces is considered an undefined behavior.
GRE on Cisco IOS XE
On Cisco IOS XE, you must explicitly configure an ip address or an ipv6 address to make the GRE tunnel actually send something. If you don't configure IP addresses,
debug tunnel keepalive will still show keepalive packets being sent, but the other end won't receive anything. A valid configuration example:
interface Tunnel10 ip address 10.0.0.1 255.255.255.0 keepalive 1 2 tunnel source GigabitEthernet1 tunnel destination your.other.end.ip.address tunnel mode gre ip
GRE6 (ip6gre) keepalive support
GRE6 keepalive is not supported by:
MikroTik RouterOS implements their own GRE IPv6 keepalive with inner GRE header's proto field set to
0x86dd. This have been implemented by us.
Assume we are on a Debian 10.
sudo apt install build-essential clang llvm libelf-dev gcc-multilib linux-headers-$(dpkg --print-architecture) make all
View compiled bytecode:
llvm-objdump -S build/keepalive_gre.o
Enabling debugging output:
#define DEBUG #define DEBUG_PRINT_HEADER_SIZE 32
Then view debug output after enabling it by:
Here's a list of awesome articles and projects I found useful: