From owner-freebsd-net@freebsd.org Tue Nov 3 06:51:16 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 116C044DB51 for ; Tue, 3 Nov 2020 06:51:16 +0000 (UTC) (envelope-from crapsh@monkeybrains.net) Received: from sfo.monkeybrains.net (sfo.monkeybrains.net [208.69.40.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.monkeybrains.net", Issuer "AlphaSSL CA - SHA256 - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CQL6C1M87z4gN3 for ; Tue, 3 Nov 2020 06:51:14 +0000 (UTC) (envelope-from crapsh@monkeybrains.net) Received: from Rudys-iMac.local (148-64-102-187.PUBLIC.monkeybrains.net [148.64.102.187]) (authenticated bits=0) by sfo.monkeybrains.net (8.15.2/8.15.2) with ESMTPSA id 0A36pCNm068351 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Mon, 2 Nov 2020 22:51:12 -0800 (PST) (envelope-from crapsh@monkeybrains.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=monkeybrains.net; s=dkim; t=1604386272; bh=qw349N29/luo/nMfFn/ALpVasjSWssxvLcyn2O4mQPw=; h=To:From:Subject:Date; b=qO3My9Ea0FTiYhVLagwNVmpL3kU/TM9qx95oP+/sBAjXrJYOKndQGBI+5qKbQKNLE mNt6cgoE6JlCjeLKHN8baLm/X8YZa8s3LJdxtctNHffS4wEJRPi8yqoDBmAUkpLV27 Tu1a96AIg2/ziqXoUlO7SyJSoei+3SEmR0ct1orc= X-Authentication-Warning: mail.monkeybrains.net: Host 148-64-102-187.PUBLIC.monkeybrains.net [148.64.102.187] claimed to be Rudys-iMac.local To: freebsd-net@freebsd.org From: Rudy Subject: VXLAN - ISPs using it? List of hardware that supports offloading? Message-ID: Date: Mon, 2 Nov 2020 22:51:12 -0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:68.0) Gecko/20100101 Thunderbird/68.12.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-Virus-Scanned: clamav-milter 0.101.4 at mail.monkeybrains.net X-Virus-Status: Clean X-Rspamd-Queue-Id: 4CQL6C1M87z4gN3 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=monkeybrains.net header.s=dkim header.b=qO3My9Ea; dmarc=pass (policy=none) header.from=monkeybrains.net; spf=pass (mx1.freebsd.org: domain of crapsh@monkeybrains.net designates 208.69.40.9 as permitted sender) smtp.mailfrom=crapsh@monkeybrains.net X-Spamd-Result: default: False [-2.75 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ptr]; HAS_XAW(0.00)[]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[monkeybrains.net:+]; DMARC_POLICY_ALLOW(-0.50)[monkeybrains.net,none]; NEURAL_HAM_SHORT(-0.69)[-0.689]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:32329, ipnet:208.69.40.0/22, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[monkeybrains.net:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.06)[-1.056]; R_DKIM_ALLOW(-0.20)[monkeybrains.net:s=dkim]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.002]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[208.69.40.9:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Nov 2020 06:51:16 -0000 Are there any ISPs terminating VXLAN tunnels on FreeBSD boxes? My plan is to create a dozen vxlan interfaces, than add them all into a bridge and put my 'shared' DHCP pool on the bridge and have a shared GW ip on the bridge. I noticed the Chelsio cards support VXLAN offloading.  Is that important?  I'm hoping to push about 5 Gbps through the box, centralize IPv4 management and have a mix of publicly routable and 100.64 IPs in the DHCP pool (first come). If anyone has any example / tuning tips, please point me that way. I mostly see links related to jails / virtual machines, but I am more interested in tunneling remote VLANs back to the data center. Thanks, Rudy