No more vxlan kernel module in PFSence CE2.7
-
Hello,
It seems that the kernel module if_vxlan is no more present in PFSence CE2.7. It was available in PFsence CE2.6.
[2.6.0-RELEASE][admin@pfsense]/boot/kernel: ls -l if_vxlan.ko
-r-xr-xr-x 1 root wheel 60264 Jan 31 2022 if_vxlan.koCould you advise ?
Thanx
Thomas
-
vxlans were only ever an experimental feature in pfSense. Since their typical use by bridging multiple VLANs is not possible the GUI components were removed some time ago. The module remained but was never used so it was removed from the build.
-
Hello
Thanks for your answer.
I use this kernel module with shellcmd at startup, and then I can build extended lan over the internet between two pfsense node (even if it is not very secure).
That allow me to transport multicast traffic. It is needed to synchronise keycloak cluster. For now I haven't found other way to do that.It is possible to add the kernel module in a future build ? or advise to do that with other ways.
Thank you
Thomas
-
You should be able to do that with anything you can bridge to, so OpenVPN in TAP mode should work. And that's encrypted.
The vxlan module is still in 23.05.1 so you could upgrade to that if it's something you really need.
-
For some weird reason, I though that L2 VPN was only used for remote access, not for peer to peer.
I've successfuly migrated from Vxlan to Openvpn.
Thanks for your help
