@derelict Our company is moving from a 16bit mask to smaller segments. This is to be done as smoothly as possible But the problem is the old address’s must stay the same but with new subnets ie 10.23.3.1/16 could now be 10.23.3.1/24. This obviously means there will be temporary overlapping subnets
The idea is to use VRFs to help get this done. I’m trying to get VRF leaking to work but somehow the interfaces aren’t communicating.Therefore I thought it would be good for troubleshooting purposes to be able to ping from one VRF to the other using the cli. I know the cli is using the default VRF so it’s probably not possible to ping from another VRF but maybe there’s some kind of cool command.

@hashbang It is possible that a combination of endpoint-dependent NAT plus IPfix logging would solve the issue of matching inside addresses with outside NAT translations for compliance purposes, etc.

@derelict yes, it worked.
I changed gw to 192.168.96.5
Many thanks

@alan-jones That means nothing unless you are passing them through directly. Tnsr only sees virtio or vmxnet3. The underlying hardware is obfuscated.

@dbeyzade Can't promise, but I will certainly pass this along to our product manager.

@dbeyzade I assume you're capturing in the host shell on the capture interface presented there.

Your screenshot does not show any ping attempts.

Is it possible to capture your entire test and post the pcap file instead of a screen shot?

The same on the connected switch port would be nice as well.

Thank you.

@kiokoman This did the trick, thank you very much :)

@jamescr We have opened a ticket for you and assigned one of our engineers to see if we can work through these concerns. Thanks!

@derelict if I'm going to try, the problem I see is exactly the one you describe, even in mikrotik the neighbor is recognized and the changes that ospf announces.
ospf.PNG

@helmlein It is not intended to be this way and there is an open bug on the RA. DHCP6 features are simply not implemented yet.

@derelict Thanks.

@vesalius no they do not. RHEL can always be rebuilt from the source code that rhel MUST provide per the GPL. When centos was borged by RHEL the writing was on the wall for Centos. The other rebuilds will continue because the rhel sources will always be available. https://etc-md.com/2020/12/09/the-end-of-centos-and-my-moving-to-bsd/

@robing They need to be a type of NIC that dpdk supports. It should basically work with vmxnet3. Not sure what the capabilities of vmware player are.

@schnitzel_itdept Can do you do a packet capture on server B to double check all advertisements are received correctly?

@capitanblack

Thanks for your interest.

TNSR provides a RESTCONF API. I'm not aware of anyone that has attempted to integrate or test the API against Openstack/Ansible, but if those tools can make RESTCONFI requests it should be possible for them to configure TNSR.

The TNSR API docs can be found here: https://docs.netgate.com/tnsr/en/latest/api/

Feel free to send more questions or update us on your progress!

Time to put a CAPTCHA on logins? I dislike those things but sometimes you do what you gotta do...

The pricing from here is $500 per year for the Business Pro plan. There is no minimum/maximum speed, it's flat rate. It's not a replacement product for pfSense so your network doesn't need to be 'big enough' to benefit from it, you may use it even for the smallest networks if you wanted.