From owner-freebsd-net@FreeBSD.ORG Wed Jun 29 18:56:57 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 696AB106564A for ; Wed, 29 Jun 2011 18:56:57 +0000 (UTC) (envelope-from mikemacleod@gmail.com) Received: from mail-yx0-f182.google.com (mail-yx0-f182.google.com [209.85.213.182]) by mx1.freebsd.org (Postfix) with ESMTP id 2F0928FC15 for ; Wed, 29 Jun 2011 18:56:56 +0000 (UTC) Received: by yxl31 with SMTP id 31so788172yxl.13 for ; Wed, 29 Jun 2011 11:56:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; bh=AIlEbdKJjSi7NPyNuvYq2+cSKtKzerar23eq2WFxNrw=; b=iXxIyhjBr5B49SC+ez10tCXwHMHhaxrXa68CMaI6YdjicIL2IAAK7yooMLfpWf69Sx XZaum9gaRLLMM01fESNqAbF1SOOPN1xqYI3u/Uo2jBJl5ZYwv340CXBLrZ/qWkXjH8Em 8MaaiHybA/GqD1psINngkUPJp25kJ19gPJCU0= Received: by 10.91.3.31 with SMTP id f31mr1012553agi.73.1309372125204; Wed, 29 Jun 2011 11:28:45 -0700 (PDT) MIME-Version: 1.0 Received: by 10.90.84.1 with HTTP; Wed, 29 Jun 2011 11:28:25 -0700 (PDT) From: Michael MacLeod Date: Wed, 29 Jun 2011 14:28:25 -0400 Message-ID: To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Bridging Two Tunnel Interfaces For ALTQ X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jun 2011 18:56:57 -0000 I use pf+ALTQ to achieve some pretty decent traffic shaping results at home. However, recently signed up to be part of an IPv6 trial with my ISP, and they've given me a second (dual-stacked) PPPoE login with which to test with. The problem is that the second login lacks my static IP or my routed /29. I can have both tunnels up simultaneously, but that becomes a pain to traffic shape since I can't have them both assigned to the same ALTQ. ... unless there is some way for me to turn the ng interfaces (I'm using mpd5) into ethernet interfaces that could be assigned to an if_bridge. I could easily disable IPv4 on the IPv6 tunnel, which would clean up any routing issues, assign both tunnels to the bridge, and put the ALTQ on the bridge. It just might have the effect I'm looking for. Bonus points if the solution can be extended to allow it to work with a gif tunnel as well, so that users of 6in4 tunnels could use it (my ISPs IPv6 beta won't let me do rDNS delegation, so I might want to try a tunnel from he.net instead). I spent some time this morning trying to make netgraph do this with the two ng interfaces, but didn't have any luck. Google didn't turn up anyone trying to do anything similar that I could find; closest I got was this: http://lists.freebsd.org/pipermail/freebsd-net/2004-November/005598.html This is all assuming that the best way to use ALTQ on multiple outbound connections is with a bridge. If there is another or more elegant solution, I'd love to hear it.