Thanks Stuart!

On 1/26/21 11:36 AM, Stuart Henderson wrote:
> On 2021-01-25, Kaya Saman <kayasa...@gmail.com> wrote:
>> Thanks a lot Tom for your response.
>>
>> Perhaps I wasn't quite clear in what I am trying to achieve?
>>
>> When I say trunk, I meant from a switch perspective as in a 802.1Q trunk
>> port on a switch.
>>
>> I think I got mixed up with the OpenBSD terminology since it is slightly
>> different:
> yes.
>
>> So now I just need to find out how the switch interface works in OpenBSD
>> and see if I can get it working with 802.1q tagging and the rest of the
>> L2 networking protocols.
> You do not want the "switch" interface type. "bridge" is the one you
> need for what you're asking to do, but...


I figured this one out in my VM setup which was basically that I needed to activate 'promiscuous mode' on the NICs. Afterwards, bridging the Trunks worked fine. I haven't tested anything other than basic connectivity yet though so I do not know how the setup will behave.


>> Of course an alternate would be to link the 1GbE switch to the 10GbE
>> switch and do things that way, but the above would be more practical
>> from a cabling sense.
> ...that alternative is the real answer. Using bridge for this will
> be a mess (you haven't mentioned PF yet but configuring that will be
> a pain) and won't perform particularly well.
>
> With bridge, I *think* you will want to bridge the vlan interfaces
> together, not the trunk interfaces.



Hmm..... this is the exact area that I'm trying to explore currently.


Currently what I have in place is this:


Router (4 port lacp trunk - multiple vlans , no bridging , PF rules for vlans and NAT ) ->

<- Switch1 (lacp trunk to router) ->

Switch1 (lacp trunk to Switch2)

Switch1 (lacp trunk to Switch3)

Switch1 (lacp trunk to Switch4)


Switch2 (lacp trunk to Switch5)



So basically Switch1 is being used as an aggregation switch to link to multiple other switches.



If I changed things around by adding a new higher performance (10GbE) switch above Switch1 then I would need to re-cable and change my main trunk interface over from using the 1GbE NICs to 10GbE NICs. Outside of this nothing much else would need to change as PF would stay the same.


However, if I created a new 2 port lacp trunk using the 10GbE interfaces then bridged the new trunk with the existing trunk, will that mean that all the sub-interfaces will be bridged additionally?

For example if data is sent on vlan1 then will all the vlans see this? I will verify this in my VM setup additionally but I'm curious as to how PF would be affected by this?


It would be really nice if there was a mechanism to just do something like this, which is perfectly fine on a switch, then have PF working as normal on top:


switchport g0/1

trunk

lagg-group 1


switchport g0/2

trunk

lagg-group 2



But of course in OpenBSD vlans are bound to an interface which makes the configuration a little different.



Regards,


Kaya


