0

I have had problems finding a way to bridge network interfaces on Debian/kFreeBSD.

My primary goal is to create 2 - 4 tap interfaces and bridge them with two physical Interfaces.

The Syntax in /etc/network/interfaces differs a bit from the Linux version.

currently i use the following (on Linux Debian)

(only partial output)

auto tap0
iface tap0 inet manual
  pre-up openvpn --mktun --dev tap0
  post-down openvpn --rmtun --dev tap0

auto tap1
iface tap1 inet manual
  pre-up openvpn --mktun --dev tap1
  post-down openvpn --rmtun --dev tap1

auto br0
iface br0 inet static
  bridge_ports tap0 tap1 eth1 eth2
  address 10.20.30.40
  netmask 255.255.255.0

What would be the normal solution, als openvpn on FreeBSD only creates the device if ONE user connects?

i am missing somthing like /etc/rc.conf

cloned_interfaces="bridge0"
ifconfig_bridge0="addm re0 up"
openvpn_if="tap bridge"

My general goal would be to switch from Debian Linux to Debian kFreeBSD but i need to sort out some things first.

(reasons for my change are PF (witch I find much more easier to use than iptables) and native ZFS) but, you could convince from other approaches (BIG FS needed, and btrfs is not stable enough)

Daywalker
  • 495
  • 5
  • 25

1 Answers1

1

Debian/kFreeBSD networking components are FreeBSD kernel features and so follows the FreeBSD way.

To create a tunnel interface on FreeBSD, you simply use:

ifconfig tun0 create
ifconfig tun0 tunnel <source IP> <destination IP>
ifconfig tun0 up

And you probably add some route instructions, to use this tunnel.

But you seem to use OpenVPN. I wonder if the OpenVPN configuration wouldn't be able to set this tun0 interface for you, like this is the case on FreeBSD. One of my OpenVPN configuration on a FreeBSD server for example contains these instructions lines:

# Run in point to point mode
mode p2p

# Other endpoint
remote <the remote ip or host>
local <your ip>

# Network config
dev-type tun
dev tun0
ifconfig <my local 10.x address> <the remote 10.x local adress>

For some advanced tunnel configuration, like IPv4->IPv6 tunnels, there is a more advanced driver, called gif0. Here a sample:

ifconfig gif0 create
ifconfig gif0 tunnel <your server> <the destination server ipv4>
ifconfig gif0 inet6 <the main ipv6 address>
route -n add -inet6 default <the ipv6 routing address>
ifconfig gif0 up
Dereckson
  • 136
  • 8
  • Thanks for the answer, but i also would like to know about the ways to configure this, as I don't know exactly there to store those configurations. the openVPN things is interesting, and helpful, but I wanted the OpenVPN subnet to be a switched one as i want to provide 4 OpenVPN configurations on the server tcp and udp on port 80 and 443. As i Mentioned in my question, i'd like something as the /etc/network/interfaces file where I could store and set up all this things at startup. – Daywalker Aug 23 '13 at 06:17
  • 1
    There are shell commands, so you can create a shell script. You can also write the commands in /etc/rc.local (before the exit 0; line) to have them executed at startup. – Dereckson Aug 24 '13 at 11:31