Need Netgraph Help [fixed]
John Lyon
johnllyon at gmail.com
Mon Apr 23 16:16:25 UTC 2018
That's interesting. Why did you insert ng_vlan "backwards". My though is
that you would want to do something like this (because the whole point is
you want to remove the VID=0 tag since FreeBSD won't bind to VID=0):
ONT]----em0]lower---downstream_vlan0[VLAN]------downstream
[eapfilter:]nomatch--------upper[em0...
eapout
|
|
|
RG]------em1]lower----------------------
-------------------------------------------/
--------------------------------
John L. Lyon
PGP Key Available At:
https://www.dropbox.com/s/skmedtscs0tgex7/02150BFE.asc
On Mon, Apr 23, 2018 at 5:55 AM, Julian Elischer <julian at freebsd.org> wrote:
> On 22/4/18 12:52 pm, GPz1100a wrote:
>
>> @John
>>
>> Did you ever get this fully figured out? I'm trying to do what I think is
>> the same thing with my fiber internet connection - eliminate the need to
>> use
>> the isp provided gateway (or at least reduce its function). I'm running
>> *opnsense*. This thread
>> https://forum.pfsense.org/index.php?topic=111043.msg793292#msg793292 is
>> what
>> led me here.
>>
>> Three nics correspond to the following
>>
>> em0 - ONT (WAN)
>> xl0 - 3com pci - isp provided residential gateway (RG)
>> ue0 - usb nic - LAN
>>
>> Using Julian's code from Jan 06, 2018; 1:39pm,
>>
>> ngctl mkpeer em0: etf lower downstream
>> ngctl name em0:lower waneapfilter
>> ngctl connect waneapfilter: em0: nomatch upper
>>
>> ngctl mkpeer xl0: etf lower downstream
>> ngctl name xl0:lower laneapfilter
>> ngctl connect laneapfilter: xl0: nomatch upper
>>
>> * ngctl connect waneapfilter laneapfilter eapout eapout*
>>
>> ngctl msg waneapfilter: 'setfilter { matchhook="eapout"
>> ethertype=0x888e }'
>> ngctl msg laneapfilter: 'setfilter { matchhook="eapout"
>> ethertype=0x888e }'
>>
>> When I get to the command in bold it comes back with this error:
>>
>> root at OPNsense:~ # ngctl connect waneapfilter laneapfilter eapout
>> eapout
>> ngctl: send msg: No such file or directory
>>
>> I'm not sure how to proceed from here.
>>
>> Thanks for any help you (or others) can offer.
>>
>> --J
>>
>>
> I wish I had known the full picture before..
> then I could have added the required bits:
>
> So think you need this:
>
> ONT]----em0]lower---downstream[eapfilter:]nomatch----vlan0[
> VLAN]downstream----upper[em0...
> eapout
> |
> |
> |
> RG]------em1]lower---------------/
>
> ie. use an etf node on each interface.
>
> ngctl mkpeer igb0: etf lower downstream
> ngctl name igb0:lower eapfilter
> ngctl mkpeer igb0: vlan upper downstream
> ngctl name igb0:upper vlanheader
> ngctl msg vlanheader: addfilter '{ vlan=0 hook="vlan0" }'
> ngctl connect vlanheader: eapfilter: vlan0 nomatch
> ngctl connect eapfilter: igb1: eapout lower
> ngctl msg waneapfilter: 'setfilter { matchhook="eapout" ethertype=0x888e }'
>
> note the vlan node is inserted "backwards"..
>
>
>
>>
>> --
>> Sent from: http://freebsd.1045724.x6.nabble.com/freebsd-net-f4005075.html
>> _______________________________________________
>> freebsd-net at freebsd.org mailing list
>> https://lists.freebsd.org/mailman/listinfo/freebsd-net
>> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>>
>>
>
More information about the freebsd-net
mailing list