Date:      Sun, 16 Aug 2015 22:04:52 +0800
From:      Julian Elischer <julian@freebsd.org>
To:        James Lott <james@lottspot.com>, freebsd-net@freebsd.org
Subject:   Re: Ethernet tunneling options under FreeBSD
Message-ID:  <55D09884.7010102@freebsd.org>
In-Reply-To: <2628655.0T22OuP5Ng@arch_project>
References:  <55CD1CE6.2010502@lottspot.com> <3236701.dypBHjs8Lg@arch_project> <CAKYr3zxbzouG-zHB9sLH9Gj_o_sKKRZbM5bw6NiTePFAA%2BHMHw@mail.gmail.com> <2628655.0T22OuP5Ng@arch_project>

On 8/15/15 11:32 AM, James Lott wrote:
> n2n honestly looks wonderful, but it also appears to be dead... I'm trying to
> stay as close to the OS layer as possible with my options, so I would prefer
> to limit the role of comprehensive software like OpenVPN or what
> ZeroTierOne appears to be.
>
> I actually found this interesting github project, which provides a simple
> solution for what I'm trying to do...
>
> https://github.com/vsergeev/tinytaptunnel

You can do this on FreeBSD with no added software.
Look at /usr/share/examples/netgraph. In particular the ether.bridge,
virtual.lan and the udp.tunnel examples.
You should be able to create a script that will tunnel two Ethernet
bridges together using elements from each script.

I suspect you could make it totally compatible with tinytaptunnel.


>
> Unfortunately, it's written for Linux... and... in go... but the README at
> least gave me a couple more ideas to look into.
>
> Feel free to keep coming with the suggestions if anyone has any more! This is
> great stuff
>
> On Saturday, August 15, 2015 13:05:17 Outback Dingo wrote:
>> On Sat, Aug 15, 2015 at 12:40 PM, James Lott <james@lottspot.com> wrote:
>>>> you haven't really described the network well enough..
>>>> try an ascii-art diagram (don't forget to set fixed width font :-)
>>>> a VPN required two ends.. one is FreeBSD... what's the other?
>>> The thing is, the "other" could be any number of operating systems. I'm
>>> looking for a tunneling protocol with good cross-platform representation,
>>> but the higher priority is ensuring it tunnels ethernet frames.
>>>
>>> For the sake of example we can say the other end is a FreeBSD host, since
>>> FreeBSD is looking like the "lowest common denominator" on this topic.
>>>
>>>> if both ends are FreeBSD there are dozens of possibilities..
>>>> for example:
>>>> ng_eif->netgraph->ppp->ipsec->ppp->netgraph->ng_eif
>>>>
>>>> ng_eif->ng_ksock(udp)->IPsec->ng_ksock->ng_eif
>>> I'm not overly concerned with the host side interfaces. What I'm really
>>> concerned with is the tunneling protocol since that's what will need
>>> support on all of my platforms. Thus, a solution requiring netgraph on
>>> both ends is not an option in my case.
>>>
>>>> tap->ppp->ppp->tap
>>> I have not found any ppp implementations under FreeBSD which support BCP.
>>> To my understanding, that's the only method by which ethernet frames can
>>> be tunneled over ppp... if I'm wrong, please do correct me! I would love
>>> nothing more than to be wrong about that :)
>>>
>>> On Friday, August 14, 2015 23:16:41 Julian Elischer wrote:
>>>> On 8/14/15 6:40 AM, James Lott wrote:
>>>>> Hello list,
>>>>>
>>>>> I am in the process of planning a build out of a L2 VPN, in which
>>>>> I'd like to have my primary "switch" and DHCP server be a FreeBSD
>>>>> system. I would like to join each new host to the VPN by
>>>>> establishing an IP tunnel with the primary "switch" which transports
>>>>> ethernet frames over the tunnel.
>>>> you haven't really described the network well enough..
>>>> try an ascii-art diagram (don't forget to set fixed width font :-)
>>>> a VPN required two ends.. one is FreeBSD... what's the other?
>>>>
>>>>> So far, the only protocol I have found supported by FreeBSD which
>>>>> seems capable of this is EtherIP. As far as I can tell, it doesn't
>>>>> look like there is any support for L2TPv3, and none of the PPP
>>>>> implementations available appear to support BCP.
>>>>>
>>>>> I'm not completely opposed to using EtherIP, but if there is
>>>>> something more modern which will meet my needs, I would probably try
>>>>> that first. So my question becomes:
>>>>>
>>>>> * Does anyone know of a method supported under FreeBSD (other than
>>>>> EtherIP) for tunneling ethernet over IP that they may be able to
>>>>> suggest I check out?
>>>> if both ends are FreeBSD there are dozens of possibilities..
>>>> for example:
>>>> ng_eif->netgraph->ppp->ipsec->ppp->netgraph->ng_eif
>>>>
>>>> ng_eif->ng_ksock(udp)->IPsec->ng_ksock->ng_eif
>>>>
>>>> tap->ppp->ppp->tap
>>>>
>>>>> Thanks for any suggestions!
>> there's also N2N which is pretty nice, and well ZeroTierOne which is
>> somewhat unique
>>
>>>>> _______________________________________________
>>>>> freebsd-net@freebsd.org mailing list
>>>>> https://lists.freebsd.org/mailman/listinfo/freebsd-net
>>>>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>>> --
>>> James Lott
>>> _______________________________________________
>>> freebsd-net@freebsd.org mailing list
>>> https://lists.freebsd.org/mailman/listinfo/freebsd-net
>>> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
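
One way to combine the pieces named in the reply above, added here as an example (not code from the thread or from the scripts in /usr/share/examples/netgraph): it validates its arguments and prints the ngctl commands that hang an ng_ksocket UDP socket off an ng_bridge next to a physical interface. The interface name, bridge node name, link numbering, addresses and port are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: Ethernet-over-UDP from stock netgraph nodes (FreeBSD).
# Prints the commands instead of running them so they can be reviewed first.
# The UDP payload is the bare Ethernet frame: nothing here authenticates or
# encrypts it, hence the ng_ksock(udp)->IPsec chain quoted in the thread.

# Node and interface names: letters, digits, underscore only (blocks injection).
valid_name() {
    case $1 in ''|*[!A-Za-z0-9_]*) return 1 ;; esac
}

# Dotted-quad IPv4, exactly four octets, each 0-255.
valid_ip4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    rest=$1. n=0
    while [ -n "$rest" ]; do
        o=${rest%%.*}; rest=${rest#*.}; n=$((n + 1))
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    [ "$n" -eq 4 ]
}

valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# plan_tunnel IFACE BRIDGE LOCAL_IP REMOTE_IP PORT
# link0/link1 carry the NIC's wire and host sides, link2 the UDP tunnel.
plan_tunnel() {
    valid_name "$1" && valid_name "$2" && valid_ip4 "$3" &&
        valid_ip4 "$4" && valid_port "$5" || return 64
    cat <<EOF
ngctl mkpeer $1: bridge lower link0
ngctl name $1:lower $2
ngctl connect $1: $2: upper link1
ngctl mkpeer $2: ksocket link2 inet/dgram/udp
ngctl msg $2:link2 bind inet/$3:$5
ngctl msg $2:link2 connect inet/$4:$5
ngctl msg $1: setpromisc 1
ngctl msg $1: setautosrc 0
EOF
}

# Example (constructed values): sh tunnel.sh em0 br0 198.51.100.1 203.0.113.2 4028
if [ $# -eq 5 ]; then plan_tunnel "$@"; fi
```

Run the same script on the peer with the two addresses swapped, and review the printed commands before feeding them to a root shell. Because the frames cross the network as plain UDP, pair the tunnel with an IPsec policy between the two exterior addresses.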




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55D09884.7010102>