From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Frank Wunderlich <frank-w@public-files.de>
Cc: netfilter@vger.kernel.org
Subject: Re: Flowtable with ppp/bridge
Date: Wed, 28 Apr 2021 01:49:29 +0200 [thread overview]
Message-ID: <20210427234929.GA19570@salvia> (raw)
In-Reply-To: <B1C290C8-8CF7-435B-88B0-29A09E4B0CA6@public-files.de>
On Mon, Apr 26, 2021 at 08:08:05PM +0200, Frank Wunderlich wrote:
> Am 26. April 2021 19:57:03 MESZ schrieb Pablo Neira Ayuso <pablo@netfilter.org>:
> >On Mon, Apr 26, 2021 at 07:51:11PM +0200, Frank Wunderlich wrote:
> >> Hi Pablo,
> >>
> >> Is alex' guess right and i need to use physical interface instead of
> >> the virtual one?
> >
> >Confusing, you reported an example that works:
> >
> >http://forum.banana-pi.org/t/new-netfilter-flow-table-based-hnat/12049/30
> >
> >That was in March 2021.
>
> That was a test without ppp/vlan/bridge on my test device (to make
> performance test and looking for bindings on simple setup). Now i'm
> working on my main router where i use pppoe to my isp which needs to
> be encapsulated into a vlan (to separate from voip).
>
> >> In my case i have ppp connection over vlan on wan port.
> >>
> >> ppp8 => wan.110 => wan
> >>
> >> Lan side (bridge) may work,but for ppp it sounds wrong to me.
> >
> >Just add the 'wan' device to the flowtable, as you did back in March.
>
> Ok, i try it...If this works also for traffic routed to the ppp
> interface then it is ok. Forwarding is done from lanbr0 to ppp8
> virtual interfaces not to physical interfaces directly like i've
> done on test in March
Since Linux kernel 3.13-rc, the flowtable is capable of autodetecting
your existing network device configurations. Therefore, you only have
to add the physical devices in the flowtable definition.
The flowtable offload supports for:
- VLAN device.
- Bridge VLAN filtering.
- PPPoE device.
- Bridge device.
and combinations of these devices.
PPPoE over VLAN is also supported, I tested this specifically before
submission upstream.
next prev parent reply other threads:[~2021-04-27 23:49 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-26 15:30 Flowtable with ppp/bridge Frank Wunderlich
2021-04-26 17:29 ` Pablo Neira Ayuso
2021-04-26 17:51 ` Frank Wunderlich
2021-04-26 17:57 ` Pablo Neira Ayuso
2021-04-26 18:08 ` Frank Wunderlich
2021-04-27 23:49 ` Pablo Neira Ayuso [this message]
2021-04-28 8:07 ` Frank Wunderlich
2021-04-28 17:26 ` Frank Wunderlich
2021-04-29 13:59 ` Aw: " Frank Wunderlich
2021-05-02 13:51 ` Frank Wunderlich
2021-05-02 22:11 ` Pablo Neira Ayuso
2021-05-03 18:56 ` Aw: " Frank Wunderlich
2021-05-03 21:32 ` Pablo Neira Ayuso
2021-05-04 10:54 ` Aw: " Frank Wunderlich
2021-05-04 11:42 ` Pablo Neira Ayuso
2021-05-05 8:55 ` Aw: " Frank Wunderlich
2021-05-05 22:55 ` Pablo Neira Ayuso
2021-05-06 9:53 ` Aw: " Frank Wunderlich
2021-05-06 15:51 ` Pablo Neira Ayuso
2021-05-10 6:50 ` Aw: " Frank Wunderlich
2021-05-10 8:24 ` Pablo Neira Ayuso
2021-05-10 9:00 ` Aw: " Frank Wunderlich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210427234929.GA19570@salvia \
--to=pablo@netfilter.org \
--cc=frank-w@public-files.de \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.