From owner-freebsd-net@FreeBSD.ORG Wed Jun 16 12:10:48 2010 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 61946106567B for ; Wed, 16 Jun 2010 12:10:48 +0000 (UTC) (envelope-from peterjeremy@acm.org) Received: from mail13.syd.optusnet.com.au (mail13.syd.optusnet.com.au [211.29.132.194]) by mx1.freebsd.org (Postfix) with ESMTP id E1B4A8FC1B for ; Wed, 16 Jun 2010 12:10:47 +0000 (UTC) Received: from server.vk2pj.dyndns.org (c211-30-160-13.belrs4.nsw.optusnet.com.au [211.30.160.13]) by mail13.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id o5GCAil9015063 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 16 Jun 2010 22:10:45 +1000 X-Bogosity: Ham, spamicity=0.000000 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.4/8.14.4) with ESMTP id o5GCAiZf039395; Wed, 16 Jun 2010 22:10:44 +1000 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.4/8.14.4/Submit) id o5GCAh4n039394; Wed, 16 Jun 2010 22:10:43 +1000 (EST) (envelope-from peter) Date: Wed, 16 Jun 2010 22:10:42 +1000 From: Peter Jeremy To: Kurt Buff Message-ID: <20100616121042.GA39245@server.vk2pj.dyndns.org> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="pWyiEgJYm5f9v55/" Content-Disposition: inline In-Reply-To: X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.20 (2009-06-14) Cc: freebsd-net@freebsd.org Subject: Re: VLANs, routing, multicast and HP switches, oh my... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jun 2010 12:10:48 -0000 --pWyiEgJYm5f9v55/ Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2010-Jun-14 13:17:06 -0700, Kurt Buff wrote: >We'll be simulating installations of our software and hardware for >customer installations that have WANs between sites, with several >complementary applications, including a multicast app that is critical >to the whole effort. While it's a bit much to expect us to be able to >simulate a WAN at this point, I want to be able to simulate at least >two subnets with routed multicast between them. I have been running FreeBSD-based WAN simulators at work for more than a decade. As with you, the driver has been to replicate customer configurations for testing purposes. My current system provides about 60 different subnets (using VLANs) and about 12 simulated WANs. It uses two FreeBSD boxes providing NAT between the corporate intranet and various test LANs, as well as routing and WAN simulation between LANs. Each box runs VLANs over LACP (via lagg(4)) through dual NICs to redundant switches. The boxes provide automatic failover via carp(4). The WAN simulation is done using dummynet(4) and the NAT and CARP via pf(4). By default, pf and dummynet don't work together but Ermal Lu=E7i wrote some patches that I'm using together with some local adaption. Whilst I have run into some rough edges, the system has been very successful overall. >take your point about the packets traveling over the same wire. It >would be best if I could get a multiport router - perhaps a layer3 >switch (I'd love to get them an HP 3400cl) - but that costs much money >that I don't have to spend at the moment. My recommendation is that you just use managed switches that support VLANs and push all the traffic into the FreeBSD box via a trunk, then let the FreeBSD box handle all the routing. --=20 Peter Jeremy --pWyiEgJYm5f9v55/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAkwYv0IACgkQ/opHv/APuIcsZgCdGM+WdE4fDvLxgw6598m8UiLm L+4An3hyWKE1f2AAtSDBp2aJ8rVgivLB =fATR -----END PGP SIGNATURE----- --pWyiEgJYm5f9v55/--