Hello
is there a way to encapsulate 802.1q tag in a Ethernet Transparent Bridge GRE tunnel ?
Pierre
Yes, you should be able to do this using the gre-bridge encapsulation type on a tunnel. Bridge the tunnel to an ethernet interface (like an access port for a customer) - then the customer device can send tagged packets through.
Thanks for these answer.
For doing what i need, i will passe the shell commands :
sudo ip link add link tun0 name tun0.2422 type vlan id 2422
sudo brctl addif br2422 tun0.2422
sudo ip link set tun0.2422 up
These commands are not included in native VyOS CLI, so I create them in the “configure CLI” part :
Surely very incomplete et aproximate job…
[code]root@VRT-APHW:/opt/vyatta/share/vyatta-cfg/templates# cat interfaces/tunnel/node.tag/vif/node.def
tag:
priority: 319
type: u32
help: Virtual Local Area Network (VLAN) ID in gre-bridge tunnel
syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 4094; “VLAN ID must be between 0 and 4094”
val_help: u32:0-4094; VLAN ID
create: if ! ip link add link $VAR(…/@) name “$VAR(…/@).$VAR(@)” type vlan id $VAR(@)
then echo “Error creating VLAN device $VAR(…/@).$VAR(@)”
exit 1
fi
# if parent is up, then bring VLAN up
if [ $(( $(cat /sys/class/net/(…/@)/flags) & 1 )) -eq 1 ]
then ip link set “$VAR(…/@).$VAR(@)” up
fi
/opt/vyatta/sbin/vyatta-link-detect “$VAR(…/@).$VAR(@)” on
delete: [ -d /sys/class/net/$VAR(…/@).$VAR(@) ] || exit 0
ip link delete dev “$VAR(…/@).$VAR(@)” type vlan id $VAR(@)
[/code]
and
And sorry for my bad english written …
I don’t quite understand what you are trying to accomplish. Are you running a GRE tunnel between two VyOS devices? Can you sketch a network diagram?
was their any progress on this?
i am trying to pass two vlans over a single gre-bridge. Right now, i have it configured with two GRE-Bridges, but having one inside the other is not ideal with the packet overhead.
my breakdown is:
Router 1 - Client
- 4 VLANs
- 1 Internet
- 1 Cross-Network Link
Router 2 - VPN (External to Internal Bridging)
- 1 Internet
- 1 Cross-Network Link
Router 3 - Remote Site
- 4 VLANs
- 1 Internet
Router 3 connects to Router 2 using OpenVPN site to site with a 192 address
Router 3 uses a GRE-Bridge to Router 2 to connect to the Cross-Network link (to appear to be physically connected) and broadcasts RIP
Router 3 then uses a GRE-Bridge to connect to Router 1 using the Cross-Network IP
if i can pass vlan tags (and break them back out on the router) i can eliminate the tunnel in tunnel
[Router 1] — [Router 2] === [Router 3]
i have two uses cases for this, first selfishly is my own personal want, extending the layer 2 to remote sites (in my case other family houses) i can play my xbox remotely since they no longer allow it over the internet. Second is for work, where i am trying to extend 3 data center vlans to our DR site with just two devices.
see the example on the end:
https://wiki.vyos.net/wiki/Bridge_Interfaces
may be it can fit your needs?
That allows you to merge multiple vlans or interfaces, in merging it does not keep the vlan tags on the bridge. It acts as a patch cord between the two. I am using the br interface with the gre-bridge already.
I need to pass multiple vlans with tags. Like a trunk port over the tunnel.
I would prefer to not output to a switch, and input a trunk port as a layer 2 bridge port. Their should be a way to do it in software.
with this sample code i got layer2 via gre:
set interfaces bridge br1
set interfaces ethernet eth3 bridge‐group bridge br1
set interfaces tunnel tun0 local‐ip <SourceIP to use for tunnel>
set interfaces tunnel tun0 remote‐ip <DestinationIP to use for tunnel endpoint>
set interfaces tunnel tun0 encapsulation gre‐bridge
set interfaces tunnel tun0 parameters ip bridge-group bridge br1
but vlans must not be defined on the interface in vyos. So you need a switch, who tag the vlans. I don’t know a way to get this only in software