I need to know if it is possible to tunnel MAC (medium access control) traffic from devices attached to an OpenWrt router.
Specifically, I am interested in these protocols, but in theory that should not matter.
Ethertype
0x8892 Profinet
0x88A4 EtherCAT
0x88CC Link Layer Discovery
0x8204 QNX Qnet
I have looked at L2TP and GRE but I am not sure if they would work.
P.S. As a side note, for anyone saying this is impossible. I am doing it already with USB over IP. I am just wondering if there is a more elegant solution.
The least-overhead choice is gretap (GRE, but L2). Most VPNs can work in tap (L2) mode in place of the more default L3 tun mode, but you lose on latency if your router is not a full-fledged PC.
An important consideration is the other side of the equation, though. For example:
PPTP is an L2 (tap) VPN protocol, but is considered unsafe for use now because the encryption is trivially hacked. As such, PPTP has been removed from many modern OSes including macOS and iOS -- so you may not be able to even use the protocol.
OpenVPN has a tap mode (unless it has been deprecated; I haven't checked), but that is not supported on iOS and Android. You'd need a full-fledged desktop OS or something like another OpenWrt router as the remote endpoint to get TAP working.
L2TP-based VPNs are often considerably more complex to configure than other VPNs, and support can be spotty with respect to client availability since these are becoming less common.
I can't speak to the latency on L2 vs L3 with respect to the processor in the endpoint. But latency is a relevant issue on L2 connections that are tunneled over the internet. The added latency can become an issue with respect to broadcast/multicast traffic over the network since that will also traverse the tunnel. This can degrade the overall network performance because of the significantly higher latency over the tunnel for such traffic. Just something to keep in mind.
Thanks brada4, I am using a WireGuard tunnel. I installed luci-proto-gre and that looks like it will do what I want. Any possible limitations/gotchas with this approach? I enjoy doing the research; I just hate dead ends. Latency and throughput are not a concern. Other than a Windows programming workstation, no other computers are involved. The connection will either be OpenWrt to OpenWrt or OpenWrt to Windows behind an OpenWrt router (the latter being my current config).
gretap did not pass non-IP traffic. It does tunnel broadcast. I tested it using DHCP and that worked. Which Linux distro man pages would best describe the functionality of gretap?
It's working. Initially, I focused on the Profinet protocol but along the way I was only looking at the LLDP protocol. Well, that's the one protocol that is not forwarded by bridges.
"The Ethernet frame used in LLDP typically has its destination MAC address set to a special multicast address that 802.1D-compliant bridges do not forward." - Wikipedia
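
The bridge behaviour that ended the thread, as an added example that is not code from any poster: a small Python classifier that reads a raw Ethernet frame, skips VLAN tags to find the EtherType, and flags destinations in the 802.1D reserved group block (01:80:C2:00:00:00 to 0F) that a compliant bridge will not forward. The sample frames are constructed. The `group_fwd_mask_bit` field assumes the Linux bridge convention that bit N of the bridge's `group_fwd_mask` setting covers address 01:80:C2:00:00:0N.

```python
import struct

# EtherTypes listed in the original question, plus IPv4 for comparison.
ETHERTYPES = {0x8892: "Profinet", 0x88A4: "EtherCAT", 0x88CC: "LLDP",
              0x8204: "QNX Qnet", 0x0800: "IPv4"}
VLAN_TPIDS = {0x8100, 0x88A8}               # 802.1Q and 802.1ad tags
RESERVED_PREFIX = bytes.fromhex("0180c20000")  # 01:80:C2:00:00:0x block

def classify(frame: bytes) -> dict:
    """Return EtherType and bridge-forwarding verdict for one raw frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst = frame[0:6]
    offset = 12
    (etype,) = struct.unpack_from("!H", frame, offset)
    while etype in VLAN_TPIDS:              # step over each 4-byte VLAN tag
        offset += 4
        if len(frame) < offset + 2:
            raise ValueError("truncated VLAN tag")
        (etype,) = struct.unpack_from("!H", frame, offset)
    # 802.1D-compliant bridges consume, rather than forward, this block.
    reserved = dst[:5] == RESERVED_PREFIX and dst[5] <= 0x0F
    return {
        "dst": dst.hex(":"),
        "ethertype": etype,
        "protocol": ETHERTYPES.get(etype, "unknown"),
        "bridge_forwards": not reserved,
        # Assumed Linux convention: bit N <-> 01:80:C2:00:00:0N
        "group_fwd_mask_bit": (1 << dst[5]) if reserved else 0,
    }

# Constructed sample frames: dst MAC, src MAC, [VLAN tag], EtherType, padding.
LLDP_FRAME = bytes.fromhex("0180c200000e" "020000000001" "88cc" "0000")
PROFINET_FRAME = bytes.fromhex("010ecf000000" "020000000002" "8892" "fefe")
VLAN_ETHERCAT_FRAME = bytes.fromhex(
    "ffffffffffff" "020000000003" "81000005" "88a4" "0000")

if __name__ == "__main__":
    for f in (LLDP_FRAME, PROFINET_FRAME, VLAN_ETHERCAT_FRAME):
        print(classify(f))
```

Run over a capture from each side of the tunnel, this separates frames the tunnel failed to carry from frames a bridge at either end never handed to it.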