Extended VLAN?

krad kraduk at googlemail.com
Thu Apr 15 08:52:23 UTC 2010


On 14 April 2010 16:14, Dan D Niles <dan at more.net> wrote:

> On Wed, 2010-04-14 at 00:23 +0200, Ross Cameron wrote:
> > Look into OpenVPN's bridge mode.
> >     www.openvpn.net
> >
> > I use it to bridge networks like what you have in mind quite regularly.
>
> Thanks,  I'll look into that.
>
> >
> >
> > On Wed, Apr 14, 2010 at 12:04 AM, Dan D Niles <dan at more.net> wrote:
> > > I have two FreeBSD routers.  I would like both locations to share the
> > > 10.10.0.0/16 network.  If I were using Cisco routers I would use
> > > extended VLANs.  How would I do that with FreeBSD routers?
> > >
> > > I already have a tunnel set up and routing different networks in the
> > > 192.168.0.0/16 range.
> > >
> > > Router A:
> > >
> > > ifconfig em2 inet 192.168.1.1 netmask 255.255.255.0
> > > ifconfig gif0 create 192.168.1.1 192.168.2.1 netmask 255.255.255.0
> tunnel <routerA> <routerB>
> > > route add 192.168.2.0/24 129.168.2.1
> > >
> > > Router B:
> > >
> > > ifconfig em2 inet 192.168.2.1 netmask 255.255.255.0
> > > ifconfig gif0 create 192.168.2.1 192.168.1.1 netmask 255.255.255.0
> tunnel <routerB> <routerA>
> > > route add 192.168.1.0/24 129.168.1.1
> > >
> > > This routes traffic between 192.168.1.0/24 and 192.168.2.0/24 as I
> would
> > > expect.
> > >
> > > The docs say I can use a tunnel with a bridge, which seems like it
> would
> > > do what I want.
> > >
> > > Router A:
> > >
> > > ifconfig em3 inet 10.10.1.1 netmask 255.255.0.0
> > > ifconfig bridge0 create addm em3 addm gif0
> > >
> > > Router B:
> > >
> > > ifconfig em3 inet 10.10.2.1 netmask 255.255.0.0
> > > ifconfig bridge0 create addm em3 addm gif0
> > >
> > > I cannot ping 10.10.2.1 from router A or 10.10.1.1 from router B.
> > >
> > > Should I be able to use a bridge this way?  Am I missing some piece?
> > >
> > > Is there an easier/better way to extend a VLAN with FreeBSD routers?
> > >
> > > Thanks!
> > >
> > > Dan
> > >
> > >
> > > _______________________________________________
> > > freebsd-questions at freebsd.org mailing list
> > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > > To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
> > >
> >
> >
> >
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
>

 openvpn is a good solution,  but that isn't the bit that does the bridging,
its actually the tap interface that does.  Openvpn just does the crytpo
side, auth and tunnel setup


More information about the freebsd-questions mailing list