Hi Thomas, I'd give this a go with vport(4) interfaces instead of vether(4), and join them all together at layer 2 by adding them to a single veb(4).
Cheers, dlg > On 10 May 2021, at 03:04, Thomas Huber <[email protected]> wrote: > > Hi misc, > > I wanted to tinker with the cluster manager sysutils/nomad but > unfortunately I´ve no spare cluster for tinkering... > > So I had the idea of utilizing OpenBSDs outstanding > possibilities for network isolation to create a > virtual cluster on my VM at openbsd.amsterdam. > > I had different ideas to achieve it but nothing worked so far. > So I'd describe my first approach because I think this is the > most OpenBSD idiomatic one: > > I created 5 vether[0-4] devices, everyone in its own rdomain [0-4] > and assigned every device its own inet address space 10.10.[0-4].1/24 > > I also set the 10.10.[0-4].1 as default route in each rtable. > > Now I learned that pf(4) is needed to route between this 5 rdomains > but after several attempts I've no clue how this could be defined. > > Actually I wanted rdomain 0 to work as hub for all rdomains >0. > Maybe someone can hint me in the right direction.... > > regards > Thomas (host of the u2k20-hackathon, if someone remembers ;-) > > some further listings if my description above is unclear: > > > ud$ ifconfig vether > vether0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > lladdr fe:e1:ba:d7:cc:16 > index 23 priority 0 llprio 3 > groups: vether > media: Ethernet autoselect > status: active > inet 10.10.0.1 netmask 0xff000000 broadcast 10.255.255.255 > > vether1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> rdomain 1 mtu > 1500 > lladdr fe:e1:ba:d8:73:32 > index 24 priority 0 llprio 3 > groups: vether > media: Ethernet autoselect > status: active > inet 10.10.1.1 netmask 0xff000000 broadcast 10.255.255.255 > > vether2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> rdomain 2 mtu > 1500 > lladdr fe:e1:ba:d9:bd:e8 > index 26 priority 0 llprio 3 > groups: vether > media: Ethernet autoselect > status: active > inet 10.10.2.1 netmask 0xff000000 broadcast 10.255.255.255 > > vether3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> rdomain 3 mtu > 1500 > lladdr fe:e1:ba:da:07:4d > index 28 priority 0 llprio 3 > groups: vether > media: Ethernet autoselect > status: active > inet 10.10.3.1 netmask 0xff000000 broadcast 10.255.255.255 > > vether4: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> rdomain 4 mtu > 1500 > lladdr fe:e1:ba:db:31:c8 > index 30 priority 0 llprio 3 > groups: vether > media: Ethernet autoselect > status: active > inet 10.10.4.1 netmask 0xff000000 broadcast 10.255.255.255 > > ud$ netstat -R > Rdomain 0 > Interfaces: lo0 vio0 enc0 pflog0 vether0 > Routing tables: 0 71 > > Rdomain 1 > Interfaces: vether1 lo1 > Routing table: 1 > > Rdomain 2 > Interfaces: vether2 lo2 > Routing table: 2 > > Rdomain 3 > Interfaces: vether3 lo3 > Routing table: 3 > > Rdomain 4 > Interfaces: vether4 lo4 > Routing table: 4
