On 8/15/15 11:32 AM, James Lott wrote:
n2n honestly looks wonderful, but it also appears to be dead... I'm trying to
stay as close to the OS layer as possible with my options, so I would prefer
to limit the role of comprehensive software like OpenVPN or what
ZeroTierOne appears to be.

I actually found this interesting github project, which provides a simple
solution for what I'm trying to do...

https://github.com/vsergeev/tinytaptunnel

You can do this on FreeBSD with no added software.
Look at /usr/share/examples/netgraph, in particular the ether.bridge, virtual.lan and udp.tunnel
examples.
You should be able to create a script that will tunnel two ethernet bridges together using elements from each script.

I suspect you could make it totally compatible with tinytaptunnel.



Unfortunately, it's written for Linux... and... in go... but the README at
least gave me a couple more ideas to look into.

Feel free to keep coming with the suggestions if anyone has any more! This is
great stuff

On Saturday, August 15, 2015 13:05:17 Outback Dingo wrote:
On Sat, Aug 15, 2015 at 12:40 PM, James Lott <ja...@lottspot.com> wrote:
you haven't really described the network well enough..
try an ascii-art diagram (don't forget to set fixed width font :-)
a VPN requires two ends.. one is FreeBSD... what's the other?
The thing is, the "other" could be any number of operating systems. I'm
looking for a tunneling protocol with good cross-platform representation, but
the higher priority is ensuring it tunnels ethernet frames.

For the sake of example we can say the other end is a FreeBSD host, since
FreeBSD is looking like the "lowest common denominator" on this topic.

if both ends are FreeBSD there are dozens of possibilities..
for example:
ng_eif->netgraph->ppp->ipsec->ppp->netgraph->ng_eif

ng_eif->ng_ksock(udp)->IPsec->ng_ksock->ng_eif
I'm not overly concerned with the host side interfaces. What I'm really
concerned with is the tunneling protocol since that's what will need support
on all of my platforms. Thus, a solution requiring netgraph on both ends is
not an option in my case.

tap->ppp->ppp->tap
I have not found any ppp implementations under FreeBSD which support BCP.
To my understanding, that's the only method by which ethernet frames can be
tunneled over ppp... if I'm wrong, please do correct me! I would love nothing
more than to be wrong about that :)

On Friday, August 14, 2015 23:16:41 Julian Elischer wrote:
On 8/14/15 6:40 AM, James Lott wrote:
Hello list,

I am in the process of planning a build out of a L2 VPN, in which
I'd like to have my primary "switch" and DHCP server be a FreeBSD
system. I would like to join each new host to the VPN by
establishing an IP tunnel with the primary "switch" which transports
ethernet frames over the tunnel.
you haven't really described the network well enough..
try an ascii-art diagram (don't forget to set fixed width font :-)
a VPN requires two ends.. one is FreeBSD... what's the other?

So far, the only protocol I have found supported by FreeBSD which
seems capable of this is EtherIP. As far as I can tell, it doesn't
look like there is any support for L2TPv3, and none of the PPP
implementations available appear to support BCP.

I'm not completely opposed to using EtherIP, but if there is
something more modern which will meet my needs, I would probably try
that first. So my question becomes:

* Does anyone know of a method supported under FreeBSD (other than
EtherIP) for tunneling ethernet over IP that they may be able to
suggest I check out?
if both ends are FreeBSD there are dozens of possibilities..
for example:
ng_eif->netgraph->ppp->ipsec->ppp->netgraph->ng_eif

ng_eif->ng_ksock(udp)->IPsec->ng_ksock->ng_eif

tap->ppp->ppp->tap

Thanks for any suggestions!
there's also N2N which is pretty nice, and well ZeroTierOne which is
somewhat unique

_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
--
James Lott