pfSense

According to this forum post http://forum.pfsense.org/index.php/topic,36722.msg189344.html#msg189344 the super-vlan can be created in pfSense and somehow a wizard or documentation about it should be done.

FreeBSD - SuperVlan, ip-unnumbered 

August 18th, 2010 by Alien Add Reply " 
Read as reazlizut analogs ip-unnumbered, super vlan FreeBSD and decided to give its decision. 
We use the following modules: 

netgraph 
ng_vlan 
ng_ether 
If someone does not know to load the modules can be as follows: 

kldload / boot / kernel / netgraph.ko 
kldload / boot / kernel / ng_vlan.ko 
kldstat 
Id Refs Address Size Name 
 July 1 0xffffffff80100000 646a60 kernel 
 1 April 2526 0xffffffff8082c000 netgraph.ko 
 May 1 0xffffffff8082f000 d66 ng_vlan.ko 
 June 1 0xffffffff80830000 23d6 if_vlan.ko 

Next, count up that we have two network em0 (internal) em1 (external). And here on the internal network, we need to take a bunch of vlanov. Let's say we have IDs vlanov be 5-10 and created using ng_vlan. Create a node for vlanov: 

ngctl 
+ Mkpeer em0: vlan lower downstream 
+ Name em0: lower vlan 
+ Connect em0: vlan: upper nomatch 
+ Quit 
Vlany themselves create the following way: 

ngclt 
+ Mkpeer vlan: eiface vlan5 ether 
+ Name vlan: vlan5 vlan5 
+ Msg vlan: addfilter {vlan = 5 hook = "vlan5"} 
+ Quit 
In conclusion ifconfig'a will form interface ngethX, where X - serial number, I immediately 
called him by name vlana 

ifconfig ngeth0 name vlan5 
Assign vlanu maximum address is the same as our internal interface em0 

ifconfig vlan5 ether `ifconfig em0 | grep ether | awk '{print $ 2}'` up 
Next do the same for all vlanov 6.10 

Vlany created, it remains to be done to them, the loopback interface, can be turned out and create a bridge interface: 

ifconfig bridge0 create 
 # Assign the maximum address of the bridge 
ifconfig bridge0 ether `ifconfig em0 | grep ether | awk '{print $ 2}'` 
ifconfig bridge0 inet 5.5.5.1 netmask 255.255.255.0 up 
ifconfig bridge0 addm vlan5 # Add a bridge interface 
ifconfig bridge0 addm vlan6 # Add a bridge interface 
Add the final touches on the scene. Do vlany private 

ifconfig bridge0 private vlan5 
ifconfig bridge0 private vlan6 
Harvesting discover attribute 

ifconfig bridge0-discover vlan5 
ifconfig bridge0-discover vlan6 
And finally do vlany "catching" 

ifconfig bridge0 sticky vlan5 
ifconfig bridge0 sticky vlan6 
This will allow users from different vlan'ov "see" the un address 5.5.5.1 but no way to communicate among themselves. For routing between clients will prescribe Rout for each IP-address or network. Thus we have obtained SuperVlan (in terminalogii HP) or ip-unnumbered for SVI-interface (in terminalogii Cisco). If vlanov a lot and do a lot of customers, I advise you immediately increase the amount of stored poppies bridge interface (in my example is 4000) Commando 

ifconfig bridge0 maxaddr 4000 
Just such a configuration in "combat mode" periodically falls off the internal interface, about once a week. Fall off the logs dropped it lacks handles network (up & down for the network did not help), Google about this, too, was silent - advised to pick the load queue, the driver. And only a couple of weeks off and on by accident back bridge interface problem persists, adding to the crowns start "ifconfig bridge0 down up" every 15 minutes of my life has become much calmer. 

Previous entry: "Samopisny" parser netflow 
Next entry: jQuery Sortable: tie a sortable list to two 
Posted vFreeBSD, UNIX & Linux, Operating Systems