From owner-freebsd-questions@FreeBSD.ORG Thu Apr 15 08:52:23 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E38E7106564A for ; Thu, 15 Apr 2010 08:52:22 +0000 (UTC) (envelope-from kraduk@googlemail.com) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.153]) by mx1.freebsd.org (Postfix) with ESMTP id 650F08FC20 for ; Thu, 15 Apr 2010 08:52:21 +0000 (UTC) Received: by fg-out-1718.google.com with SMTP id 22so463952fge.13 for ; Thu, 15 Apr 2010 01:52:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:received:message-id:subject:from:to:cc:content-type; bh=NKbuZSzYMnxijx2MQ+vcOU41GzwpK8ul1VIUyYPS+ps=; b=cgFZcC6ynqcklIJcTkKgmXiuIeu2oUXQ2hUKa+642pDNa/5zKk/fk/jR+yvB+eRntK lrJketyjHvEfJ7pFTsuUkzdzjDMqlx5xO3rKWjG6vBwqYRAl5r1hfQHhPytOWHnSxWXp O3WLg77+686v3I9+QVsdSTy9ZjFXjCRO4pQxY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=dXVsg33AsiIufwHvB2XeblpUL1FgzkdjjcrLCTNP1RB+Qjgv4fb5BWCdtAV0LrsSC9 Dw2SflwWXrQ8LBaxH55hgU3WYsOiLUZmrjAGvlFqinSsDIoFALBehdCRrQiYrKj5ToP7 2ZiQrozWpWuuL7W8SZr8/JzTyseKGQumqPfpc= MIME-Version: 1.0 Received: by 10.239.165.129 with HTTP; Thu, 15 Apr 2010 01:52:20 -0700 (PDT) In-Reply-To: <1271258095.9196.7.camel@jane.spg.more.net> References: <1271196264.10895.33.camel@jane.spg.more.net> <1271258095.9196.7.camel@jane.spg.more.net> Date: Thu, 15 Apr 2010 09:52:20 +0100 Received: by 10.239.188.146 with SMTP id p18mr488937hbh.208.1271321540992; Thu, 15 Apr 2010 01:52:20 -0700 (PDT) Message-ID: From: krad To: Dan D Niles Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: FreeBSD Questions , ross.cameron@linuxpro.co.za Subject: Re: Extended VLAN? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Apr 2010 08:52:23 -0000 On 14 April 2010 16:14, Dan D Niles wrote: > On Wed, 2010-04-14 at 00:23 +0200, Ross Cameron wrote: > > Look into OpenVPN's bridge mode. > > www.openvpn.net > > > > I use it to bridge networks like what you have in mind quite regularly. > > Thanks, I'll look into that. > > > > > > > On Wed, Apr 14, 2010 at 12:04 AM, Dan D Niles wrote: > > > I have two FreeBSD routers. I would like both locations to share the > > > 10.10.0.0/16 network. If I were using Cisco routers I would use > > > extended VLANs. How would I do that with FreeBSD routers? > > > > > > I already have a tunnel set up and routing different networks in the > > > 192.168.0.0/16 range. > > > > > > Router A: > > > > > > ifconfig em2 inet 192.168.1.1 netmask 255.255.255.0 > > > ifconfig gif0 create 192.168.1.1 192.168.2.1 netmask 255.255.255.0 > tunnel > > > route add 192.168.2.0/24 129.168.2.1 > > > > > > Router B: > > > > > > ifconfig em2 inet 192.168.2.1 netmask 255.255.255.0 > > > ifconfig gif0 create 192.168.2.1 192.168.1.1 netmask 255.255.255.0 > tunnel > > > route add 192.168.1.0/24 129.168.1.1 > > > > > > This routes traffic between 192.168.1.0/24 and 192.168.2.0/24 as I > would > > > expect. > > > > > > The docs say I can use a tunnel with a bridge, which seems like it > would > > > do what I want. > > > > > > Router A: > > > > > > ifconfig em3 inet 10.10.1.1 netmask 255.255.0.0 > > > ifconfig bridge0 create addm em3 addm gif0 > > > > > > Router B: > > > > > > ifconfig em3 inet 10.10.2.1 netmask 255.255.0.0 > > > ifconfig bridge0 create addm em3 addm gif0 > > > > > > I cannot ping 10.10.2.1 from router A or 10.10.1.1 from router B. > > > > > > Should I be able to use a bridge this way? Am I missing some piece? > > > > > > Is there an easier/better way to extend a VLAN with FreeBSD routers? > > > > > > Thanks! > > > > > > Dan > > > > > > > > > _______________________________________________ > > > freebsd-questions@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > > > > > > > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > openvpn is a good solution, but that isn't the bit that does the bridging, its actually the tap interface that does. Openvpn just does the crytpo side, auth and tunnel setup