Hi all,
I’m doing a simulation on GNS3 IPsec VPN on pseudo interface. Please refer below picture:
When vyos1.2 LAN pinging to vyos1.2-2 LAN I can’t see any icmp traffic on peth0 :
Able to see icmp on eth0 :
Flow accounting- no issue with eth0 but cannot detect on peth0 :
Please help to advise on why I cant see traffic on peth0
Hi all,
Is pseudo interface not as efficient as ethernet interface?
I need to use several public ip on production router as ethernet interfaces are limited.
Try to applied to pseudo interface but seems like the no traffic can be seen on peth.
Hi @zakwan
You can’t see flow accounting for peth/ppp/dummy interfaces
Example with dummy interface you can see only output packets.
set interfaces ethernet eth4 address '1.1.1.1/24'
set interfaces dummy dum0 address '1.1.1.55/24'
vyos@main# sudo tcpdump -ni dum0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on dum0, link-type EN10MB (Ethernet), capture size 262144 bytes
11:21:47.823475 IP 1.1.1.55 > 1.1.1.2: ICMP echo reply, id 3063, seq 823, length 64
11:21:48.847350 IP 1.1.1.55 > 1.1.1.2: ICMP echo reply, id 3063, seq 824, length 64
11:21:49.870917 IP 1.1.1.55 > 1.1.1.2: ICMP echo reply, id 3063, seq 825, length 64
^C
3 packets captured
3 packets received by filter
0 packets dropped by kernel
How about use vlans?
Hi @Viacheslav
It means peth cannot works like ethernet?
I need at least 6 interfaces with that could works like ethernet (separate firewalls and flow-accounting). Some of the interfaces will have separate VPN to supplier, some VPN to client, 1 to internet.
Cloud provider only can provide 1 ethernet interface. For every supplier and client connect to eth0 is quite messy. Hence i really need any virtual interfaces that could works like ethernet.
Please advise.
Hi @Viacheslav,
No Traffic detect on dum0. Not sure why
VLAN
Ping to VLAN IP 203.142.10.9
Tcpdump result shows no traffic too.
Please advise if this is not right? perhaps got bugs on my vyos image?
Do you set ip address on dummy interface?
You don’t need set the same pool on different VLANs.
/25 vlan 5
/25 vlan 10
You must understand that the traffic will go tagged further on the network if you use vlan.
Hi @Viacheslav,
Yes, I have set the dummy dum0 ip address as below. Ping from PTPtest1 to PTPtest2 router dummy ip address, tcpdump on dummy router but no traffic can be seen.
I understand that Vlan will be tagged and need to be untagged (trunk and access). Just doing a test to see if can see tcpdump on eth0.
