From owner-freebsd-questions@FreeBSD.ORG Thu Apr 30 06:08:43 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B0FC4A68 for ; Thu, 30 Apr 2015 06:08:43 +0000 (UTC) Received: from relay2.tomsk.ru (mail.sibptus.tomsk.ru [212.73.124.5]) by mx1.freebsd.org (Postfix) with ESMTP id 1DF8F1334 for ; Thu, 30 Apr 2015 06:08:42 +0000 (UTC) X-Virus-Scanned: by clamd daemon 0.98.5_1 for FreeBSD at relay2.tomsk.ru Received: from admin.sibptus.tomsk.ru ([212.73.125.240] verified) by relay2.tomsk.ru (CommuniGate Pro SMTP 5.1.16) with ESMTPS id 38664050; Thu, 30 Apr 2015 12:08:38 +0600 Received: from admin.sibptus.TOMSK.ru (sudakov@localhost [127.0.0.1]) by admin.sibptus.tomsk.ru (8.14.9/8.14.7) with ESMTP id t3U68ZNA072769; Thu, 30 Apr 2015 12:08:38 +0600 (NOVT) (envelope-from vas@mpeks.tomsk.su) Received: (from sudakov@localhost) by admin.sibptus.TOMSK.ru (8.14.9/8.14.7/Submit) id t3U68ZVP072768; Thu, 30 Apr 2015 12:08:35 +0600 (NOVT) (envelope-from vas@mpeks.tomsk.su) X-Authentication-Warning: admin.sibptus.TOMSK.ru: sudakov set sender to vas@mpeks.tomsk.su using -f Date: Thu, 30 Apr 2015 12:08:35 +0600 From: Victor Sudakov To: Nikos Vassiliadis , freebsd-questions@freebsd.org Subject: Re: tunneling L2 tagged traffic over IP Message-ID: <20150430060835.GA72072@admin.sibptus.tomsk.ru> References: <20150425174935.GA48023@admin.sibptus.tomsk.ru> <553C1F66.4060901@gmx.com> <20150426123629.GA48916@admin.sibptus.tomsk.ru> <20150427093355.GA86151@admin.sibptus.tomsk.ru> <553E400F.2040906@gmx.com> <20150427143952.GA94033@admin.sibptus.tomsk.ru> <553E9A07.1020900@gmx.com> <20150428034047.GA4874@admin.sibptus.tomsk.ru> <553F699C.9030409@gmx.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <553F699C.9030409@gmx.com> Organization: OAO "Svyaztransneft", SibPTUS X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Apr 2015 06:08:43 -0000 Nikos Vassiliadis wrote: > > On 04/28/15 05:40, Victor Sudakov wrote: > > Fine. Maybe there are other ways to tunnel Ethernet without relying on > > if_bridge ? > > Then there is netgraph bridging, netgraph bridging AFAIK doesn't have > this feature, it doesn't filter out special MACs. > > You can ask at net@ for a script/help I believe. I definitely will because I have found a strange thing. The re0 NIC receives both tagged and untagged frames from a switch. When I monitor the incoming traffic with "nghook -a re0: lower", I see that both tagged and untagged frames are merged into one untagged stream, i.e. ng_ether somehow strips the vlan tag from frames. If I only knew how to obtain unmodified frames for further processing within the netgraph system, I would know how to build my transparent tunnel. I have not found any relevant messages or options I could set for ng_ether (like NGM_ETHER_SET_DONT_TOUCH_ANYTHING_DAMN_YOU maybe). -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:sudakov@sibptus.tomsk.ru