Help me on the interface GIF



  • Hi everyone,
    I am trying to bring 192.168.10.0/24 subnet from Japan to Australia as we need to broadcast from Australia to detect the device in Japan. (BNJ Discovery Protocol is used)
    Currently I am using Windows OpenVPN TAP bridge to achieve this which is not that stable.
    2 sites are already connected via VTI IPSec.

    I was advised that GIF could make it but I think not many people have tried this and I don't know how to configure GIF please?

    Could someone help me to setup GIF.

    • Parent Interface
    • GIF Remote Address
    • GIF tunnel local address
    • GIF tunnel remote address
    • GIF tunnel subnet

    pfSense 2.4.5 running on ESXi

    Thanks for your support in advance.

    607f707b-78bc-48c9-8d6b-6e0d1ac829f3-image.png



  • @JMizuno
    Hi
    For bridging networks at the L2 level, you can try

    1. Configure an Openvpn tunnel between two PFSense (client + server ) in Tap Mode
      08fb9072-8474-4152-932e-fe6662b6f249-image.png

    or

    1. Use the Netgraph network subsystem ( it is built into the PF kernel ).
      To solve this problem, you will need the following modules :
      ng_ether, ng_bridge, ng_ksocket .

      https://www.freebsd.org/cgi/man.cgi?netgraph(4)

      [2.4.4-RELEASE][admin@pfSense.localdomain]/root: kldstat -v | grep ng_
      547 ng_socket
      532 ng_ether
      531 ng_eiface
      546 ng_rfc1490
      545 ng_pred1
      530 ng_echo
      544 ng_pptpgre
      543 ng_pppoe
      529 ng_deflate
      542 ng_ppp
      522 ng_UI
      541 ng_pipe
      528 ng_cisco
      527 ng_car
      540 ng_one2many
      539 ng_mppc
      526 ng_bridge
      538 ng_lmi
      537 ng_l2tp
      523 ng_async
      536 ng_ksocket
      525 ng_bpf
      535 ng_iface
      534 ng_hole
      533 ng_framerelay
      552 ng_vlan
      551 ng_vjc
      550 ng_tty
      549 ng_tee
      548 ng_tcpmss



  • @Konstanti Thanks for that, yeah currently I am using OpenVPN Tap with interface bridged as I mentioned in my post. However it is not stable. I tried Open VPN client on pfSense but ping can drop a lot so I tried OpenVPN client on Win2016 server and found that Windows client is better but still unstable.
    That is the main reason why I started looking GIF tunnel option.
    Since psSense to pfSense IPSec tunnel is very stable I think it is not bandwidth issue.

    Thanks for your advice.

    Regards


Log in to reply