On Thu, 11 Sep 2008, Johan Torin wrote:
On Thursday 11 September 2008, bbee wrote:
tcpdump shows me the laptop is recieving etherip packets from the router,
but ofcourse since it isn't a bridge itself it doesn't know what to do with
them. How do I get the laptop to process these packets?
What interface do I assign an IP address to? I've tried giving the gif
tunnel an ipv6 address, but if I then use it to send data it will send
protocol 41 (ipv6) encapsulated packets and not 97 (etherip).
I don't know where you going with this, if your tunnel is working you should
be able to pass trafic on it. Bridging does not (usually|necessarily) involve
any specific support in the other end of a bridged interface.
It's working in the sense that I'm seeing packets that are being broadcast
on the lan coming in as etherip on the gif interface. If the laptop had a
bridge set up, it would forward them to it, but since it doesn't nothing
happens to them.
How does one, in general, bridge only a single host to a LAN with an
OpenBSD router? Help!!
You would probably like to trunk the wired and the wireless interfaces on the
laptop, and since you're encapsulating the wireless trafic over a gif-tunnel
you fail since you can't trunk gif-interfaces. Sorry.
Well, there goes that idea..
Tun-interfaces are trunkable (or atleast I have read so) so that would be a
way to accomplish this. However, it's a bit ironic that OpenBSDs fancy
ipsec.conf and friends (and I say this with quite a lot of admiration for
them) falls short in this sitation. One way to work-around this slight
short-coming is setup OpenVPN, which (IIRC) binds to tun-interfaces. I have
however not tested this.
Even forgetting the trunk failover, there is no way to give an IP from my
wired LAN to a remote device that doesn't actually have a connected
ethernet-like connection avaiable to receive etherip traffic for bridging?
That is, there is no way to use IPSEC on OpenBSD to get the traditional
"Remote VPN Access" thing where your mobile device is assigned a LAN IP?
And if someone knows how to setup a tun-tunnel in stock OpenBSD which
does not involve PPP or something like that, I would like to hear about
it.
Seconded. Maybe tun can be modified to actually accept packets (if it's in
layer 2 mode, it's being bridged, and tunX was created via ifconfig)
instead of always returning EHOSTDOWN?
Then I could simply bridge the gif and tun interface on my laptop, assign
tun an IP (or trunk it) and have it behave as if it was physically on the
remote LAN.
Thanks,
bbee
