Date: Mon, 23 Apr 2018 18:11:23 +0800 From: Julian Elischer <julian@freebsd.org> To: GPz1100a <zx1100e1@solo-tek.com>, freebsd-net@freebsd.org Cc: John Lyon <johnllyon@gmail.com> Subject: Re: Need Netgraph Help [fixed] Message-ID: <39b20cd4-7336-b03c-1fa2-74ab09bae4e7@freebsd.org> In-Reply-To: <1bd8c52f-1e0a-9f29-ccc4-34dd54aad384@freebsd.org> References: <2e0525c8-2251-a5f5-45d1-fe44ebe318f7@freebsd.org> <CAKfTJoXe%2BZjDEMbF12-JcwBAs0uQoAFYAC3g1A_d0yM8by-z6g@mail.gmail.com> <ac0e236e-f27c-d4ed-8527-010dd025efff@freebsd.org> <4fee4ea6-9b35-afba-6d5d-24ecca3e28c6@freebsd.org> <CAKfTJoUuxKKkZEo5%2Bnv98jqk3T2D77-CS-rdqvVUQE%2BczHpzrw@mail.gmail.com> <3b8d46da-75e3-79f2-379c-b27a88e80733@freebsd.org> <CAKfTJoXdqm0Bj%2B85omHg6oiKhqDNkxfW5rs9nxsqH79qdCd9Gw@mail.gmail.com> <47C0E33A-E815-4860-A25C-F29BBB8D6787@gmail.com> <c96502df-1ea3-555a-f773-1f402e753844@freebsd.org> <CAKfTJoWFrwOciBuddHm=i9DkiXTn4-QSqzn1Qai3zr6XMn85sA@mail.gmail.com> <1524372774786-0.post@n6.nabble.com> <1bd8c52f-1e0a-9f29-ccc4-34dd54aad384@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 23/4/18 5:55 pm, Julian Elischer wrote: > On 22/4/18 12:52 pm, GPz1100a wrote: >> @John >> >> Did you ever get this fully figured out? I'm trying to do what I >> think is >> the same thing with my fiber internet connection - eliminate the >> need to use >> the isp provided gateway (or at least reduce its function). I'm >> running >> *opnsense*. This thread >> https://forum.pfsense.org/index.php?topic=111043.msg793292#msg793292 >> is what >> led me here. >> >> Three nics correspond to the following >> >> em0 - ONT (WAN) >> xl0 - 3com pci - isp provided residential gateway (RG) >> ue0 - usb nic - LAN >> >> Using Julian's code from Jan 06, 2018; 1:39pm, >> >> ngctl mkpeer em0: etf lower downstream >> ngctl name em0:lower waneapfilter >> ngctl connect waneapfilter: em0: nomatch upper >> >> ngctl mkpeer xl0: etf lower downstream >> ngctl name xl0:lower laneapfilter >> ngctl connect laneapfilter: xl0: nomatch upper >> >> * ngctl connect waneapfilter laneapfilter eapout eapout* >> >> ngctl msg waneapfilter: 'setfilter { matchhook="eapout" >> ethertype=0x888e }' >> ngctl msg laneapfilter: 'setfilter { matchhook="eapout" >> ethertype=0x888e }' >> >> When I get to the command in bold it comes back with this error: >> >> root@OPNsense:~ # ngctl connect waneapfilter laneapfilter >> eapout eapout >> ngctl: send msg: No such file or directory >> >> I'm not sure how to proceed from here. >> >> Thanks for any help you (or others) can offer. >> >> --J >> > > I wish I had known the full picture before.. > then I could have added the required bits: > > So think you need this: > > ONT]----em0]lower---downstream[eapfilter:]nomatch----vlan0[VLAN]downstream----upper[em0... > > eapout > | > | > | > RG]------em1]lower---------------/ > the following line is no longer true of course > ie. use an etf node on each interface. > > ngctl mkpeer igb0: etf lower downstream > ngctl name igb0:lower eapfilter > ngctl mkpeer igb0: vlan upper downstream > ngctl name igb0:upper vlanheader > ngctl msg vlanheader: addfilter '{ vlan=0 hook="vlan0" }' > ngctl connect vlanheader: eapfilter: vlan0 nomatch > ngctl connect eapfilter: igb1: eapout lower > ngctl msg waneapfilter: 'setfilter { matchhook="eapout" > ethertype=0x888e }' however having sent this I realise it may not work.. because the etf node doesn't take into account vlan labels, because vlan labels are them selvesm in fact a special case of ethertype.. (0x8100) so to know if this will work I need to know what a packet at the netgraph insertion point looks like: to find this out, attach the nghook program to an inserted ngtee node (inserted somewhere in your current graph) and see what comes out. (with -a ). so we can see what the packets look like. > > note the vlan node is inserted "backwards".. > >> >> >> -- >> Sent from: >> http://freebsd.1045724.x6.nabble.com/freebsd-net-f4005075.html >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> > > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39b20cd4-7336-b03c-1fa2-74ab09bae4e7>