Date: Sun, 1 Apr 2018 23:10:22 +0200 From: Hauke Fath <hf@spg.tu-darmstadt.de> To: Eugene Grosbein <eugen@grosbein.net> Cc: freebsd-net@freebsd.org Subject: Re: Bridging a vlan trunk with a gif tunnel? Message-ID: <20180401231022184335.e841ceaf@spg.tu-darmstadt.de> In-Reply-To: <5AC101AC.60906@grosbein.net> References: <20180401164209528151.6f554119@spg.tu-darmstadt.de> <5AC101AC.60906@grosbein.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 1 Apr 2018 22:58:36 +0700, Eugene Grosbein wrote:
> 01.04.2018 21:42, Hauke Fath wrote:
>=20
>> I am trying to network a remote site with a main site through a bridged=
=20
>> gif tunnel, and it doesn't work for me.=20
>=20
> gif(4) supports only untagged frames when added to a bridge.
Well, as I said, bridging the trunk from the gif tunnel to the hardware=20
ix interface works, in that the attached switch sorts it out and=20
machines on both sides connect. It's the router's vlan interfaces that=20
do not communicate with the bridge.
=20
> You need to create gif-per-vlan=20
... three vlans, one ip.
> or switch to newer vxlan(4).
That wouldn't work with the switches, would it, like vlans?
=20
>> In the past, I have set up a similar link by tunneling ip over gif, but=
=20
>> routing turned out to be intricate
>=20
> what problems do you have with routing over gif? It works just fine for m=
e.
Routing requires new subnets, with acl changes rippling through the=20
whole installation. Since the university is essentially out of public=20
ipv4 space, we would have to NAT those subnets. Plus, with the past=20
setup, we got asymmetric routing, with some machines not reachable from=20
the other side - I successfully forgot the gory details, it's been a=20
while.
>> and I figured just bridging the exclave with the main site would=20
>> save me routing issues,
>=20
> And bring in bridging issues that are more severe.
Like what, besides the shortcomings of if_bridge(4)?
>> plus I could stick with the existing subnets.
>=20
> And have extra overhead to pass +14 bytes of headers of MAC addresses=20
> per frame.
>=20
> Single gif+bridge does not support trunks.
I'll take that, and look into a routing setup. Thanks for your answers,=20
even if I don't like them. ;)
Cheerio,
hauke
--=20
The ASCII Ribbon Campaign Hauke Fath
() No HTML/RTF in email Institut f=FCr Nachrichtentechnik
/\ No Word docs in email TU Darmstadt
Respect for open standards Ruf +49-6151-16-21344
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180401231022184335.e841ceaf>