From owner-freebsd-net@freebsd.org  Fri Mar 23 03:48:31 2018
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id AA953F67759
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Fri, 23 Mar 2018 03:48:31 +0000 (UTC)
 (envelope-from julian@freebsd.org)
Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "vps1.elischer.org",
 Issuer "CA Cert Signing Authority" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 43A1E7DE28
 for <freebsd-net@freebsd.org>; Fri, 23 Mar 2018 03:48:30 +0000 (UTC)
 (envelope-from julian@freebsd.org)
Received: from Julian-MBP3.local (115-166-20-68.dyn.iinet.net.au
 [115.166.20.68]) (authenticated bits=0)
 by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id w2N3R0VC092426
 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
 Thu, 22 Mar 2018 20:27:03 -0700 (PDT)
 (envelope-from julian@freebsd.org)
Subject: Re: Need Netgraph Help [fixed]
From: Julian Elischer <julian@freebsd.org>
To: John Lyon <johnllyon@gmail.com>
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>,
 Eugene Grosbein <eugen@grosbein.net>
References: <CAKfTJoUMxo7gsio7JJD8Vj_xPgFx5YEBH3_XViFhR0dt59==Dw@mail.gmail.com>
 <5A3225BF.6020205@omnilan.de>
 <CAKfTJoX78JhqsvB669Gxsr5UtZkbwuZrnVhOdU2UMacF7FmP1g@mail.gmail.com>
 <5A32F63E.8010205@grosbein.net> <5A338C5A.20300@omnilan.de>
 <CAKfTJoW5H82VLyBZ_5_sa9HU7Xbot7imeiP-ogVCNkHGe0_30Q@mail.gmail.com>
 <2e0525c8-2251-a5f5-45d1-fe44ebe318f7@freebsd.org>
 <CAKfTJoXe+ZjDEMbF12-JcwBAs0uQoAFYAC3g1A_d0yM8by-z6g@mail.gmail.com>
 <ac0e236e-f27c-d4ed-8527-010dd025efff@freebsd.org>
 <4fee4ea6-9b35-afba-6d5d-24ecca3e28c6@freebsd.org>
 <CAKfTJoUuxKKkZEo5+nv98jqk3T2D77-CS-rdqvVUQE+czHpzrw@mail.gmail.com>
 <3b8d46da-75e3-79f2-379c-b27a88e80733@freebsd.org>
 <CAKfTJoXdqm0Bj+85omHg6oiKhqDNkxfW5rs9nxsqH79qdCd9Gw@mail.gmail.com>
 <47C0E33A-E815-4860-A25C-F29BBB8D6787@gmail.com>
 <c96502df-1ea3-555a-f773-1f402e753844@freebsd.org>
 <CAKfTJoWFrwOciBuddHm=i9DkiXTn4-QSqzn1Qai3zr6XMn85sA@mail.gmail.com>
 <9fe76b26-2d1c-939a-8ece-947f5140bc0f@freebsd.org>
Message-ID: <e02f78d3-616a-7942-6d1d-ffab39c5ec4f@freebsd.org>
Date: Fri, 23 Mar 2018 11:26:54 +0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0)
 Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <9fe76b26-2d1c-939a-8ece-947f5140bc0f@freebsd.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Mar 2018 03:48:32 -0000

Hi John, did you ever try out my version?

Julian

On 7/1/18 4:06 am, Julian Elischer wrote:
> On 7/1/18 4:02 am, John Lyon wrote:
>> Thanks for the clarification and all the help.
>>
>> After Marko clarified that that edges/hooks are bidirectional, I 
>> was able to get it working WAN to LAN and LAN to WAN by using a 
>> pair of one2many and ETF nodes.
>>
>> The commands were (from memory):
>>
>> #Create Unfiltered WAN Path
>> ngctl mkpeer igb0: one2many lower one
>> ngctl name igb0:lower wanmux
>> ngctl mkpeer wanmux: etf many0 downstream
>> ngctl name wanmux:many0 wanfilter
>> ngctl connect wanfilter: igb0: nomatch upper
>>
>> #Create Unfilter LAN Path
>> ngctl mkpeer igb1: one2many lower one
>> ngctl name igb1:lower lanmux
>> ngctl mkpeer lanmux: etf many0 downstream
>> ngctl name lanmux:many0 lanfilter
>> ngctl connect lanfilter: igb1 nomatch upper
>>
>> #Cross Connect Two Paths
>> ngctl connect wanfilter wanmux waneapout many1
>> ngctl connect lanfilter lanmux laneapout many1
>>
>> #Filter Cross Connections
>> ngctl msg wanfilter: 'setfilter { matchhook="waneapout" 
>> ethertype=0x888e }'
>> ngctl msg lanfilter: 'setfilter { matchhook="laneapout" 
>> ethertype=0x888e }'
>>
>> The graph looks like this:
>>
>> igb0] <----> [mux0] <---> [etf0] <----> [igb0
>>                                \       /
>>                                   X
>>                                /      \
>> igb1] <----> [mux1] <---> [etf1] <----> [igb1
>>
>>
>> It was conceptually easier for me to wrap my head around and it 
>> appears to work (somewhat).  But if I can get it to work, I like 
>> Julian's approach better as it is simpler and uses fewer nodes.
>
> etf includes a mux/demux..  the link is bidirectional.
>
>
>>
>> Thanks again for all the help!
>>
>> --------------------------------
>> John L. Lyon
>> PGP Key Available At:
>> https://www.dropbox.com/s/skmedtscs0tgex7/02150BFE.asc
>>
>> On Sat, Jan 6, 2018 at 2:39 PM, Julian Elischer <julian@freebsd.org 
>> <mailto:julian@freebsd.org>> wrote:
>>