Bridging a vlan trunk with a gif tunnel?

Hauke Fath hf at spg.tu-darmstadt.de
Sun Apr 1 21:09:57 UTC 2018 

On Sun, 1 Apr 2018 22:58:36 +0700, Eugene Grosbein wrote:
> 01.04.2018 21:42, Hauke Fath wrote:
> 
>> I am trying to network a remote site with a main site through a bridged 
>> gif tunnel, and it doesn't work for me. 
> 
> gif(4) supports only untagged frames when added to a bridge.

Well, as I said, bridging the trunk from the gif tunnel to the hardware 
ix interface works, in that the attached switch sorts it out and 
machines on both sides connect. It's the router's vlan interfaces that 
do not communicate with the bridge.
 
> You need to create gif-per-vlan 

... three vlans, one ip.

> or switch to newer vxlan(4).

That wouldn't work with the switches, would it, like vlans?
 
>> In the past, I have set up a similar link by tunneling ip over gif, but 
>> routing turned out to be intricate
> 
> what problems do you have with routing over gif? It works just fine for me.

Routing requires new subnets, with acl changes rippling through the 
whole installation. Since the university is essentially out of public 
ipv4 space, we would have to NAT those subnets. Plus, with the past 
setup, we got asymmetric routing, with some machines not reachable from 
the other side - I successfully forgot the gory details, it's been a 
while.

>> and I figured just bridging the exclave with the main site would 
>> save me routing issues,
> 
> And bring in bridging issues that are more severe.

Like what, besides the shortcomings of if_bridge(4)?

>> plus I could  stick with the existing subnets.
> 
> And have extra overhead to pass +14 bytes of headers of MAC addresses 
> per frame.
> 
> Single gif+bridge does not support trunks.

I'll take that, and look into a routing setup. Thanks for your answers, 
even if I don't like them.  ;)

Cheerio,
hauke

-- 
     The ASCII Ribbon Campaign                    Hauke Fath
()     No HTML/RTF in email            Institut für Nachrichtentechnik
/\     No Word docs in email                     TU Darmstadt
     Respect for open standards              Ruf +49-6151-16-21344

More information about the freebsd-net mailing list