Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 14 Aug 2015 20:32:55 -0700
From:      James Lott <james@lottspot.com>
To:        freebsd-net@freebsd.org
Subject:   Re: Ethernet tunneling options under FreeBSD
Message-ID:  <2628655.0T22OuP5Ng@arch_project>
In-Reply-To: <CAKYr3zxbzouG-zHB9sLH9Gj_o_sKKRZbM5bw6NiTePFAA%2BHMHw@mail.gmail.com>
References:  <55CD1CE6.2010502@lottspot.com> <3236701.dypBHjs8Lg@arch_project> <CAKYr3zxbzouG-zHB9sLH9Gj_o_sKKRZbM5bw6NiTePFAA%2BHMHw@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
n2n honestly looks wonderful, but it also appears to be dead... I'm trying to 
stay as close to the OS layer as possible with my options, so I would prefer 
to limit the role of comprehensive software like OpenVPN or what 
ZeroTierOne appears to be.

I actually found this interesting github project, which provides a simple 
solution for what I'm trying to do...

https://github.com/vsergeev/tinytaptunnel

Unfortunately, it's written for Linux... and... in go... but the README at 
least gave me a couple more ideas to look into.

Feel free to keep coming with the suggestions if anyone has anymore! This is 
great stuff 

On Saturday, August 15, 2015 13:05:17 Outback Dingo wrote:
> On Sat, Aug 15, 2015 at 12:40 PM, James Lott <james@lottspot.com> 
wrote:
> > > you haven't really described the network well enough..
> > > try an ascii-art diagram (don't forget to set fixed width font :-)
> > > a VPN required two ends.. one is FreeBSD... what's the other?
> > 
> > The thing is, the "other" could be any number of operating systems. I'm
> > looking for a tunneling protocol with good cross-platform representation,
> > but
> > the higher priority it enduring it tunnels ethernet frames.
> > 
> > For the sake of example we can say the other end is a FreeBSD host, since
> > FreeBSD is looking like the "lowest common denominator" on this topic.
> > 
> > > if both ends are FreeBSD there are dozens of possibilities..
> > > for example:
> > > ng_eif->netgraph->ppp->ipsec->ppp->netgraph->ng_eif
> > > 
> > > ng_eif->ng_ksock(udp)->IPsec->ng_ksock->ng_eif
> > 
> > I'm not overly concerned with the host side interfaces. What I'm really
> > concerned with is the tunneling protocol since that's what will need
> > support
> > on all of my platforms. Thus, a solution requiring netgraph on both ends
> > is
> > not an option in my case.
> > 
> > > tap->ppp->ppp->tap
> > 
> > I have not found any ppp implementations under FreeBSD which support 
BCP.
> > To my understanding, that's the only method by which ethernet frames can
> > be
> > tunneled over ppp... if I'm wrong, please do correct me! I would love
> > nothing
> > more than to be wrong about that :)
> > 
> > On Friday, August 14, 2015 23:16:41 Julian Elischer wrote:
> > > On 8/14/15 6:40 AM, James Lott wrote:
> > > > Hello list,
> > > > 
> > > > I am in the process of planning a build out of a L2 VPN, in which
> > > > I'd like to have my primary "switch" and DHCP server be a FreeBSD
> > > > system. I would like to join each new host to the VPN by
> > > > establishing an IP tunnel with the primary "switch" which transports
> > > > ethernet frames over the tunnel.
> > > 
> > > you haven't really described the network well enough..
> > > try an ascii-art diagram (don't forget to set fixed width font :-)
> > > a VPN required two ends.. one is FreeBSD... what's the other?
> > > 
> > > > So far, the only protocol I have found supported by FreeBSD which
> > > > seems capable of this is EtherIP. As far as I can tell, it doesn't
> > > > look like there is any support for L2TPv3, and none of the PPP
> > > > implementations available appear to support BCP.
> > > > 
> > > > I'm not completely opposed to using EtherIP, but if there is
> > > > something more modern which will meet my needs, I would probably 
try
> > > > that first. So my question becomes:
> > > > 
> > > > * Does anyone know of a method supported under FreeBSD (other than
> > > > EtherIP) for tunneling ethernet over IP that they may be able to
> > > > suggest I check out?
> > > 
> > > if both ends are FreeBSD there are dozens of possibilities..
> > > for example:
> > > ng_eif->netgraph->ppp->ipsec->ppp->netgraph->ng_eif
> > > 
> > > ng_eif->ng_ksock(udp)->IPsec->ng_ksock->ng_eif
> > > 
> > > tap->ppp->ppp->tap
> > > 
> > > > Thanks for any suggestions!
> 
> theres also N2N which is pretty nice, and well ZeroTierOne  which is
> somewhat unique
> 
> > > > _______________________________________________
> > > > freebsd-net@freebsd.org mailing list
> > > > https://lists.freebsd.org/mailman/listinfo/freebsd-net
> > > > To unsubscribe, send any mail to "freebsd-net-
unsubscribe@freebsd.org"
> > > 
> > > _______________________________________________
> > > freebsd-net@freebsd.org mailing list
> > > https://lists.freebsd.org/mailman/listinfo/freebsd-net
> > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
> > 
> > --
> > James Lott
> > _______________________________________________
> > freebsd-net@freebsd.org mailing list
> > https://lists.freebsd.org/mailman/listinfo/freebsd-net
> > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

-- 
James Lott



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2628655.0T22OuP5Ng>