On 2010-05-11, Toni Mueller <[email protected]> wrote: > Hi, > > I've been trying to figure out whether I can use OpenBSD in a nested > vlan scenario. I'm looking at a data centre where I want to get two > wires, each carrying several vlans, and funneling them home across a > WAN link. Various switch vendors claim to be able to do it, but I > couldn't really figure out what the current state of affairs wrt. > OpenBSD is. On the other side of the wires or fibres, I'll be talking > to Junipers, Ciscos (6509), and/or Foundy switches and/or routers on > the other side(s). > > The desired setup looks like this: > > data centre LAN --- switch --- WAN --- home (OpenBSD) > > I want to run at least three vlans across the WAN link, and need to > keep the vlans strictly separated.
First talk to your wan provider, they might either be able to allocate you a couple of vlans that they'll carry for you, or do QinQ (i.e. you feed the provider plain vlans, and they appear directly at the other side). But then again they might be like one I've used which *strips* tags! In-tree, there is the option of 'ifconfig vlanXXX vlandev vlanYYY" which might get you somewhere. This uses the same ethertype on inner and outer vlans and doesn't interoperate with other vendors vlan stacking, but you might be able to do something with it (or maybe you'll just confuse your providers switches). There's also a diff at http://www.mail-archive.com/[email protected]/msg65694.html that switches ethertype so you can interoperate with other vendors QinQ (it will need updating for -current). But usually you just feed plain vlans to the wan provider and they handle translation or stacking.. > I also need to do traffic shaping on > a per-vlan basis. This does seem to work but I'm under the impression that queueing "should" be done on the physical interface (vlandev).
