Differences

This shows you the differences between two versions of the page.

--- hardware:shimtunnel [2019/01/11 09:24]
veera [The setup]
+++ hardware:shimtunnel [2019/01/11 12:46] (current)
veera
@@ Line 16: / Line 16: @@
+<note warning>
+**Pre-check**
+  * ensure IP Forwarding is disabled ''echo 0 > /proc/sys/net/ipv4/ip_forward''
+  * local iptables firewall rules allow the UDP port ''iptables -A INPUT -p udp -m udp --dport 5111 -j ACCEPT''
+</note>
 ===== Download the Shim software =====
@@ Line 67: / Line 73: @@
-===== Options using Source NAT =====
+===== Extra reference : Use Source NAT =====
-If the above steps still do not work and a different source IP address is seen for the Shim tunnel use iptables to create a SNAT
+In the very unlikely scenario the above steps dont work and the desired source IP is not seen on the outgoing packets, use SNAT (Source NAT).This example NATs the source IP for udp packets to 5111 (custom netflow)  to be the Shim end point.
-This example NATs the source IP for udp packets to 5111 (custom netflow)  to be the Shim end point.
+<code>
+iptables -t nat -A   POSTROUTING -p udp --dport 5111 \
+    -o enp7s0  -j SNAT --to 10.251.52.4:5111
+</code>
+==== To view rules ====
 <code>
-iptables -t nat -A   POSTROUTING -p udp --dport 5111   -o enp7s0  -j SNAT --to 10.251.52.4:5111
+iptables -t nat -L -v --line-numbers
 </code>
+==== To delete a rule with id 3 ====
+<code>
+iptables -t nat -D POSTROUTING  3
+</code>

Trisul Network Analytics Developer Zone