Given three bare metal machines hosted at Hetzner, eNovance and OVH, l2mesh can be used to create a new ethernet interface L2M on each of them. It behaves as if they had a physical ethernet card connected to a hardware switch in the same room. The machine at eNovance could be the DHCP server providing the IP for the L2M interface of the Hetzner machine. In addition, if the connection between the eNovance machine and the Hetzner machine does not work, the packets will use the OVH machine as an intermediary, making the mesh resilient to network outage.
The documentation page for l2mesh has been added to the example section of the tinc web site after a discussion with Guus Sliepen.
introduction
l2mesh is a tinc based virtual switch, implemented as a puppet module. It creates a new ethernet interface on the machine and connects it to the switch.
Here is how the situation looks like when dealing with physical machines and a hardware switch:
+----------------+ +---------------+
| | | |
| +-----+ +-----+ |
| MACHINE | eth0+---------+ +---------+eth0 | MACHINE |
| A +-----+ | | +-----+ C |
| | | | | |
+----------------+ +---+----+---+ +---------------+
| SWITCH |
+-----+------+
|
+----------------+ |
| | |
| +-----+ |
| MACHINE | eth0+-----------+
| B +-----+
| |
+----------------+
Each of the three machines ( A, B, C ) have a physical ethernet connector which shows as eth0. They are connected with a cable to a SWITCH which transmits the packet coming from MACHINE A to MACHINE B or MACHINE C.
With l2mesh, a new virtual interface ( named L2M below ) is created on each machine and they are all connected by a TINC daemon. Packets go from MACHINE A to MACHINE B or MACHINE C as if they were connected to a physical switch.
+---------+-----+
| |eth0 |
| +-----+
| MACHINE | L2M |
| A +-----+
| TINC+---
+--------------++ \-------
| \------- +---------------+
| X--+TINC |
| /------- +-----+ |
+-------------+-+ /------ | L2M | MACHINE |
| TINC+--- +-----+ C |
| +-----+ |eth0 | |
| MACHINE | L2M | +-----+---------+
| B +-----+
| |eth0 |
+---------+-----+
Here is how it looks on each machine:
$ ip link show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether fa:16:3e:48:ae:6f brd ff:ff:ff:ff:ff:ff
$ ip link show dev L2M
2: L2M: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
link/ether 72:75:6e:60:59:f0 brd ff:ff:ff:ff:ff:ff
publishing
The l2mesh redmine project is created to support the puppet module in the short term. A git repository is made available at git clone http://redmine.the.re/git/l2mesh.git. The README.md file is formatted for the web
# mkdir -p /var/www/redmine/public/l2mesh # markdown README.md > /var/www/redmine/public/l2mesh/l2mesh.html
reaching out
A mail was sent to the tinc mailing list to announce the puppet module and ask for input. There still is a significant amount of work to be done for testing and fixing border cases or updating the implementation notes. Guus Sliepen made a few suggestions which helped improve the module. He also added a link to the example section of the tinc web site.