How to create virtual interface?

mikruser · April 10, 2016, 8:46am

Hello,

How to create virtual interface on ether interface (like vlan, but without tag)?

jarda · April 10, 2016, 11:29am

You can use vlan or some kind of tunnel. How would you distinguish virtual interface traffic if there were no tag or any other encapsulation?

mikruser · April 10, 2016, 11:42am

>>You can use vlan or some kind of tunnel.
No

>>How would you distinguish virtual interface traffic if there were no tag or any other encapsulation?
by MAC address

efaden · April 10, 2016, 12:26pm

Can you explain how exactly you intend to use this?..

mikruser · April 10, 2016, 12:34pm

>>Can you explain how exactly you intend to use this?

Currently, if add ether interfaces to bridge, not possible to use ether interfaces in Mangle rules.

I need add ether interfaces to bridge, then create virtual interfaces on ether interfaces, and use it in Mangle rules.

efaden · April 10, 2016, 12:40pm

You should enable “Use IP Firewall” in the Bridge Settings. Then you can use mangle with the interfaces. I don’t think there is a way to make virtual interfaces like you want to.

mikruser · April 10, 2016, 12:51pm

>>You should enable “Use IP Firewall” in the Bridge Settings. Then you can use mangle with the interfaces.

You are wrong. The error continues to appear:
“in/out-interface matcher not possible when interface (ether-gw) is slave - use master instead (bridge-gw)”

efaden · April 10, 2016, 12:54pm

Correct… because you should be using in-bridge-port and out-bridge-port… not in and out interface.

mikruser · April 12, 2016, 10:35am

>>you should be using in-bridge-port and out-bridge-port

when i set:
set “Use IP Firewall” on bridge
set IP1 to ether1
set Out.BridgePort=ether1 on Firewall Filter Rules forward rule
set Out.BridgePort=ether1 on Firewall NAT masquerade rule

i cannot communicate from LAN to Internet!

(communication work only when i set IP1 to bridge_wan and change Out.BridgePort=ether1 to OutInterface=bridge_wan, but i need IP1/IP2 on ether1/ether2)

jarda · April 12, 2016, 1:16pm

You should not have the interfaces in common bridge if you do natting between them. They should belong to different networks (other L2 domains) and you should route between them instead bridging.

mikruser · April 12, 2016, 1:22pm

>>You should not have the interfaces in common bridge if you do natting between them

I do not NATting between interfaces in bridge!

efaden · April 12, 2016, 1:49pm

If you want us to be able to help you need to post your full configuration and a network diagram of what your trying to do. Beyond that I can’t for the life of me figure out what your trying to do and why…

pe1chl · April 12, 2016, 1:50pm

I advise you to take some generic networking study or leave the matter to someone who understands
a bit better what they are doing.
You are asking for new things all the time, but you keep rejecting the good solutions that expert people
(e.g. ZeroByte) are giving you.
It appears that you are trying to solve the problem the wrong way and thus you hit limitations all the time.