ffnord / mesh-announce

Discussion at #mesh-announce:irc.hackint.org and (separately) at
https://matrix.to/#/!MjLIHcALOcENXZWQlH:irc.hackint.org/$1547640760901FmKaD:matrix.eclabs.de

Servicing interfaces that are created ad-hoc (L2TP multitap) #86

Closed mweinelt closed 1 month ago

mweinelt commented 2 years ago

With fastd's L2TP multitap feature (coming in Gluon 2022.1) we're seeing one interface per L2TP peer and I don't see a way for mesh-announce to work on links that are created in an ad-hoc fashion.

I think we need to brainstorm a way for mesh-announce to work on these kinds of links in multidomain setups.

kaechele commented 2 years ago

The way we deal with this when using Tunneldigger is to stick all the L2TP interfaces in a bridge (that has forwarding between bridge ports disabled using ebtables/nftables, so nodes don't think they are connected to each other directly) and put mesh-announce on that bridge. That bridge is then attached to the batman interface.

kaechele commented 2 years ago

Just switched some of our gateways to fastd with multitap and the same approach works there as well. It's pretty much a drop-in replacement for Tunneldigger at that point.

mweinelt commented 2 years ago

I recommend using `bridge link set dev <brport> isolated on` instead of using ebt/nft, should be more lightweight and this is what I used in our setup.
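
The bridge setup described in the two comments above, as an added example that is not part of the thread or of mesh-announce: per-peer interfaces are enslaved to one bridge with port isolation, and a check lists any port that slipped in without it. The names `br-mesh`, `bat0` and `l2tpN`, the `RUN` dry-run variable and the sample output are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. br-mesh, bat0 and l2tpN are assumed names, not from the thread.
# Set RUN=echo to print the commands instead of executing them (needs root otherwise).
RUN="${RUN:-}"

# One-time setup: create the bridge and attach it to the batman-adv interface.
setup_bridge() {  # usage: setup_bridge BRIDGE BATIF
    $RUN ip link add name "$1" type bridge
    $RUN ip link set dev "$1" up
    $RUN ip link set dev "$1" master "$2"
}

# Per peer: call from whatever hook fires when an L2TP interface appears.
attach_isolated() {  # usage: attach_isolated BRIDGE PORT
    $RUN ip link set dev "$2" master "$1"
    # Isolated ports can only talk to non-isolated ports and the bridge itself,
    # so peers never see each other as direct neighbours.
    $RUN bridge link set dev "$2" isolated on
    $RUN ip link set dev "$2" up
}

# Audit: read `bridge -d link show` output on stdin and print every port of
# BRIDGE that is not reported as "isolated on". A port whose output lacks the
# field entirely is reported too, so the check fails closed.
unisolated_ports() {  # usage: bridge -d link show | unisolated_ports BRIDGE
    awk -v br="$1" '
        function report() { if (member && !iso) print port }
        /^[0-9]+:/ {
            report(); port = $2; sub(/[:@].*$/, "", port); member = 0; iso = 0
            for (i = 3; i < NF; i++) if ($i == "master" && $(i + 1) == br) member = 1
        }
        /(^| )isolated on( |$)/ { iso = 1 }
        END { report() }
    '
}

# Constructed sample of `bridge -d link show` output (flag list abbreviated).
SAMPLE='5: l2tp1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br-mesh state forwarding
    hairpin off guard off learning on flood on isolated on
6: l2tp2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br-mesh state forwarding
    hairpin off guard off learning on flood on isolated off
7: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br-lan state forwarding
    hairpin off guard off learning on flood on isolated off'

printf '%s\n' "$SAMPLE" | unisolated_ports br-mesh   # prints: l2tp2
```

On a live gateway, run `bridge -d link show | unisolated_ports br-mesh` periodically; any output means a peer interface is forwarding to other peers through the bridge.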

kaechele commented 2 years ago

Neat! I did not know this. Thanks!

jplitza commented 1 month ago

Since this seems to be resolved, I'm closing the issue. Feel free to re-open if you see the need for a solution inside mesh-announce.