Virtual Switching for joining two LANs

[kiremonger]

Hello,

I have two residential houses who wish to connect their two separate LANs with a site-to-site VPN. Each house has ADSL and use the ISP provided routers. One is with BT (BT HomeHub v5) and the other Virgin Media (Virgin Super Hub 2).

So far SoftEther Server/Bridge has been installed on two Raspberry Pi's (RPi) (following the excellent instructions by Tom at http://tomearp.blogspot.co.uk/2013/11/s ... ether.html)

Each RPi has been deployed in the respective home and gets a DHCP address from the respective router within the home. The routers ensure that the RPi always gets the same local IP address.

The following has been successfully configured on both RPi:

- SoftEther Virtual Hub
- SoftEther Cascade Connection
- SoftEther Local Bridge to eth0 on the RPi
- Dynamic DNS configured

The VPN connects and when you look in the IP Address Table List within both Virtual Hubs you see IP addresses from the respective remote network.

The understanding is that the two networks are properly connected at Layer 2.

However the bit we're struggling with is Layer 3. How do we get two different networks talking to each other?

The BT household uses DHCP, network: 192.168.1.0/24, using the BT HomeHub as the Default Gateway (DG) of 192.168.1.254

The Virgin household uses DHCP, network 10.2.10.0/24, using the Virgin Super Hub 2 as the DG 10.2.10.100

At the moment if you ping a host on the other network the packet goes to the DG and goes no-where.

Can we use Layer 3 Virtual Switches within SoftEther VPN to resolve the routing issues?

We would like all traffic to continue to route to the respective DG but traffic for the other network to route down the VPN.

Thanks,

Keith

[thisjun]

If you want to know about using Virtual L3 in LAN-to-LAN, Please see this manual http://www.softether.org/4-docs/1-manua ... P_Routing)

[kiremonger]

Hello,

Thanks for directing me to that documentation; I had looked at it before but re-reading it did slightly help. However I still don't have things working.

The Headquarter LAN's (10.2.10.x) SoftEther server has two Virtual Hubs:

• HUB1 – is the bridge to 10.2.10.x physical LAN via eth0
• HUB2 – uses a cascade connection to Branch LAN

The Branch LAN's (192.168.1.x) SoftEther server has one Virtual Hub:

• HUB3 – is the bridge to 192.168.1.x physical LAN via eth0

There is now a Layer 3 Virtual Switch on Headquarter LANs SoftEther server with the following virtual interfaces. No routing table entries have been defined.

• 10.2.10.251 /255.255.255.0
• 192.168.1.20 /255.255.255.0


The Virgin SuperHub2 (Headquarter LAN default gateway device) and BT HomeHub (Branch LAN default gateway device) cannot have static routes setup on them. So I have added the static routes manually:

So on Windows I ran the following at a cmd.exe prompt:

For a computer connected to Branch LAN:
• route add 10.2.10.0 mask 255.255.255.0 192.168.1.20 metric 2

For a computer connected to Headquarter LAN:
• route add 192.168.1.0 mask 255.255.255.0 10.2.10.251 metric 2

A computer on the Branch LAN (192.168.1.x) can now successfully ping 10.2.10.251 but no other IP addresses on that LAN.

Am I getting closer?!

[buneech]

Following the manual I have it running and can ping devices on both networks except:
- Ping from any device in network A to raspberry pi in network B doesn't work
- Ping from any device in network B to raspberry pi in network A doesn't work
- Ping between RPI's doesn't work

Does anyone have any idea how to achieve that the raspberry pi's will "see" each other?

[buneech]

I've managed to get this working as I intended it to. Written about it on my blog.
http://bunic.si/2015/04/l3-bridge-with- ... erry-pi-2/

[exciter0]

Good job solving this and most importantly thanks for sharing your solution!


buneech wrote:
> I've managed to get this working as I intended it to. Written about it on
> my blog.
> http://bunic.si/2015/04/l3-bridge-with- ... erry-pi-2/

[triwaves]

buneech wrote:
> I've managed to get this working as I intended it to. Written about it on
> my blog.
> http://bunic.si/2015/04/l3-bridge-with- ... erry-pi-2/

Thanks for that - I too have two RPis in two locations I am trying to connect via L3 switch hosted on an AWS server.

I follow your post - have single site VPNs working well and even one site connected to AWS and linked via L2. Problem is with multi-sites I sites have different IP ranges so rather than re-configure sites I want both to cascade connect to AWS server L3 switch.

I added the virtual interfaces for the L3 switch but they don't show up on my network - what am I doing wrong? Of course nothing works because I have no switch interface to route traffic to ... so hoping I'm missing something obvious here.

Ideas?

I started a new thread here if you have a chance to reply: http://www.vpnusers.com/viewtopic.php?f=7&t=8124

[thisjun]

@kiremonger
Could you check the IP address table of each virtual hub?