Hello, I was wondering if and how I could bridge 2 WAN interfaces into single cable over vlan. Sounds cryptic, so let's start with the diagram of what I'd like to achieve:
lte wifi
\|/ \|/ I have 2 WAN interfaces, LTE and WIFI
| | Both are connected to OBSD1 box via
| | USB cable, installation is on a rooftop
+-------+
| OBSD1 | OBSD1 is a raspberry pi 4 network thingy
+-------+
| From the roof, to my server goes single
| CAT5E ethernet cable
+-------+
| OBSD2 | OBSD2 is a firewall/router
+-------+
| | | The rest are various computers, I got that
| | | part covered
| | |
LAN DMZ IOT
Now, both LTE and WIFI are USB devices that can give OBSD1 direct
IP address - like modem. I know I could simply operate OBSD1 like
router - install dhcpd to give IP to OBSD2 and forward traffic with
pf. But that seems like unnecessary overhead and I'd like to setup
packet priority/queueing on OBSD2 and treat OBSD1 like a stupid device.
So I was wondering, is it possible to bridge network so that:
(it's easier with another diagram)
IP IP
1.2.3.4 4.3.2.1
\|/ \|/
| |
+-----o---------*-----+ o - lte usb modem; * - wifi usb card
| | | |
| vlan1 vlan2 | OBSD1 packs raw layer2 frames into
| `----+----' | separate vlans
| | |
+----------o----------+ o - em0 interface
|
| Data goes through single cable
|
+----------o----------+ o - em0 interface
| | |
| .-----+-----. | OBSD2 unpacks vlan1 and 2 into separate
| vlan1 vlan2 | virtual interfaces.
| 1.2.3.4 4.3.2.1 |
+---------------------+
Now I'd like for vlan1 and vlan2 on OBSD2 to have 1.2.3.4 and 4.3.2.1
IPs, so that I can perform redundancy/load balancing/queueing/whatever
directly on OBSD2 device, and treat OBSD1 like some kind of stupid
switch/hub. Hope it's clear what I'd like to do.
Is it possible? Or am I imaging things and it's better to do it with
dhcp/pf routing? If it's possible to do with vlans on layer2, then
what am I suppose to look for? I can read man pages, but honestly
I don't really know how to approach that problem, so some keywords,
programs, rfcs would be nice to have:)
Or just tell me I'm stupid and overengineering things and I should
go with routing way:)
Thanks in advance for any help with this.
--
.-----------------.-------------------.---------------------.------------------.
| Michal Lyszczek | Embedded C, Linux | Company Address | .-. open source |
| +48 727 564 419 | Software Engineer | Leszczynskiego 4/29 | oo| supporter |
| https://bofc.pl `----.--------------: 50-078 Wroclaw, Pol | /`'\ & |
| GPG FF1EBFE7E3A974B1 | Bits of Code | NIP: 813 349 58 78 |(\_;/) programer |
`----------------------^--------------^---------------------^------------------'
signature.asc
Description: PGP signature
