vSwitch tunneling / encapsulation?

TeeJayHoward

Limpness Supreme
Joined
Feb 8, 2005
Messages
9,994
VM1->vSwitch on host1->Physical Switch->vSwitch on host2->VM2

My goal: Replay a traffic file (.pcap) on VM1 and have all the packets show up on VM2.
My problem: The physical switch will not pass through VLAN tagged traffic. It drops it.
My concept: Encapsulate the traffic on the vSwitch so that the physical switch doesn't know the content, then expose the traffic once it hits the vSwitch on host2.

Possible? Or is there another way to reach my goal?
 

vage

2[H]4U
Joined
Jan 10, 2005
Messages
3,039
I may be wrong but I think this is the very premise behind VXLANs
 

lopoetve

Imhotep
Joined
Oct 11, 2001
Messages
29,150
Sure, it's possible - you have to pick an encapsulation protocol of some kind, and direct the traffic through endpoints. VXLAN does do this, although you don't generally encapsulate a VLAN inside of one as much as VXLAN segments.

I've done something similar with IPsec in the past using openswan.
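The encapsulation idea discussed above, as an added example that is not part of the original thread or any poster's code: it wraps an 802.1Q-tagged frame in VXLAN (RFC 7348) so the physical switch sees only an untagged IPv4/UDP frame, then decapsulates it on the far side. The MAC addresses, 192.0.2.x endpoints, VNI 5000 and VLAN 100 are constructed sample values.

```python
import struct

VXLAN_PORT = 4789                      # IANA-assigned VXLAN UDP port (RFC 7348)
ETH_IPV4, ETH_DOT1Q = 0x0800, 0x8100   # EtherTypes: IPv4, 802.1Q VLAN tag

def ipv4_checksum(hdr: bytes) -> int:
    """One's-complement sum over the 16-bit words of an IPv4 header."""
    s = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def vxlan_encap(inner, vni, src_mac, dst_mac, src_ip, dst_ip, sport=49152):
    """Wrap a complete inner Ethernet frame in Ethernet/IPv4/UDP/VXLAN."""
    vxlan = struct.pack("!II", 0x08 << 24, vni << 8)   # I flag set, 24-bit VNI
    udp_len = 8 + len(vxlan) + len(inner)
    udp = struct.pack("!HHHH", sport, VXLAN_PORT, udp_len, 0)  # checksum 0 is allowed over IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0x4000,
                     64, 17, 0, src_ip, dst_ip)
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    eth = dst_mac + src_mac + struct.pack("!H", ETH_IPV4)      # outer frame carries no VLAN tag
    return eth + ip + udp + vxlan + inner

def vxlan_decap(outer):
    """Return (vni, inner_frame); reject anything that is not VXLAN over IPv4/UDP."""
    if len(outer) < 50 or struct.unpack("!H", outer[12:14])[0] != ETH_IPV4:
        raise ValueError("outer frame is not IPv4 or is too short")
    if outer[14 + 9] != 17:
        raise ValueError("outer packet is not UDP")
    udp = 14 + (outer[14] & 0x0F) * 4                  # honour the IPv4 header length field
    if struct.unpack("!H", outer[udp + 2:udp + 4])[0] != VXLAN_PORT:
        raise ValueError("UDP destination is not the VXLAN port")
    flags, vni_word = struct.unpack("!II", outer[udp + 8:udp + 16])
    if not flags & 0x08000000:
        raise ValueError("VXLAN I flag not set")
    return vni_word >> 8, outer[udp + 16:]

def sample_tagged_frame(vlan_id=100):
    """Constructed inner frame: 802.1Q tag, IPv4 EtherType, dummy payload."""
    return (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
            + struct.pack("!HHH", ETH_DOT1Q, vlan_id & 0x0FFF, ETH_IPV4)
            + b"constructed payload")

if __name__ == "__main__":
    inner = sample_tagged_frame()
    outer = vxlan_encap(inner, 5000, bytes.fromhex("02000000aa01"),
                        bytes.fromhex("02000000aa02"),
                        bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    vni, recovered = vxlan_decap(outer)
    print(vni, recovered == inner, len(outer) - len(inner))
```

The outer headers add 50 bytes (14 Ethernet + 20 IPv4 + 8 UDP + 8 VXLAN), so replayed full-size frames need a larger MTU on the path between the two hosts.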
 

TeeJayHoward

Limpness Supreme
Joined
Feb 8, 2005
Messages
9,994
> Buy a new physical switch. Way easier.

I wish. Sadly, we're stuck developing on the hardware the customer has already purchased.

I've been trying to get OpenVPN to work, but it doesn't look like our software recognizes tun0 as an interface... So now I get to try something like the CSR1000v/Nexus1000v (or maybe NSX if I can ever get VMware to agree to give us an eval version!)
 

Shockey

[H]ard|Gawd
Joined
Nov 24, 2008
Messages
2,016
> I wish. Sadly, we're stuck developing on the hardware the customer has already purchased.
>
> I've been trying to get OpenVPN to work, but it doesn't look like our software recognizes tun0 as an interface... So now I get to try something like the CSR1000v/Nexus1000v (or maybe NSX if I can ever get VMware to agree to give us an eval version!)

Have you tried tap0?
 

TeeJayHoward

Limpness Supreme
Joined
Feb 8, 2005
Messages
9,994
> Have you tried tap0?

ifconfig shows tun0, lo, and eth0. I honestly hadn't considered trying tap0, as I didn't think it would work. If the OS doesn't see the interface, how would the application? Probably worth trying, though. I'm new to the whole "VPN" thing from an administrative standpoint. I'll give it a shot on Monday.
 

Shockey

[H]ard|Gawd
Joined
Nov 24, 2008
Messages
2,016
> ifconfig shows tun0, lo, and eth0. I honestly hadn't considered trying tap0, as I didn't think it would work. If the OS doesn't see the interface, how would the application? Probably worth trying, though. I'm new to the whole "VPN" thing from an administrative standpoint. I'll give it a shot on Monday.

NVM. One appears to be network layer and the other is bridge.

See here:
http://en.wikipedia.org/wiki/TUN/TAP
 

bmh.01

Gawd
Joined
Mar 28, 2002
Messages
610
> An HP Flex-10/10D. Not "technically" a switch. Works fine for traditional traffic. Replaying traffic? No go.

Ouch, didn't see that one coming! Was wondering what sort of recent switch wouldn't forward VLAN tags, makes more sense now.
 