thr3ads.net - tinc - trunk-tap.py - Script to bridge VLANs over a tinc vpn bridge [Oct 2017]

If this information is useful, please help other people find it:
Share via:

Alexander Schreiber

2017-Oct-22 15:23 UTC

trunk-tap.py - Script to bridge VLANs over a tinc vpn bridge

Hello,

I have been using tinc for quite a while now and am very pleased with it.
Thanks a lot to everyone involved in the project!

I am running a VMware ESXi server in a datacenter that provides some services
for me.
The virtual machines are connected with different networks running on separated
VLANs using VMware vSphere port groups.
In order to use the services from my home network, I had the idea to set-up a
tinc vpn bridge connection (Mode=Switch) between a VM (exposed to a port group
that has access to all VLANs (4095)) and my home router.
That way, I could simply transport the VLANs over the TAP tunnel, bridge them to
my ethernet adapter, attach it to my managed switch and then use the GUI of my
switch to choose which VLAN to use for which port.
This process is completely transparent to the clients in the network.
I stumbled accros this thread from 2010 which confirmed to me that it was indeed
possible to build a setup like this.
https://www.tinc-vpn.org/pipermail/tinc/2010-March/002263.html
<https://www.tinc-vpn.org/pipermail/tinc/2010-March/002263.html>

                              (TINC VPN / OpenVPN)
 -------- SITE 1 -------                                -------- SITE 2 -------
 eth1.100 <-> trunk0.100 <--\   ################   /--> trunk0.100
<-> eth1.100
 eth1.105 <-> trunk0.105 <--->> ---TAP-TUNNEL--- <<--->
trunk0.105 <-> eth1.105
 eth1.110 <-> trunk0.110 <--/   ################   \--> trunk0.110
<-> eth1.110

In order to not end up with a messy, hard-to-maintain configuration, I wrote a
simple Python script for Linux (invokes iproute2 commands) to create all
necessary interfaces and bridge them.
It seamlessly integrates with tinc's tinc-up, tinc-down scripts and worked
reliably for me.
This might not be the most professional approach to this, but it certainly is
one that "gets the job done".

I thought the script might be useful to someone in the community. Hence I
decided to share it here. That way, it might be found by someone who is
interested in this kind of setup.


https://github.com/schreiberstein/trunk-tap.py
<https://github.com/schreiberstein/trunk-tap.py>


Best regards
Alexander Schreiber



-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20171022/c9b3b4e8/attachment.html>

Possibly Parallel Threads

Search for more possibly parallel threads

tinc - Oct 2017 - trunk-tap.py - Script to bridge VLANs over a tinc vpn bridge

trunk-tap.py - Script to bridge VLANs over a tinc vpn bridge

Possibly Parallel Threads

Wisdom of the Ancients