Advertise selective Vlan to PepVPN peer


#1

Dear Sirs,

How can i prevent a LAN subnet to be advertised on the PepVPN?

On the backbone area ( 0.0.0.0 ) i’ve enabled the OSPF only on Default LAN subnet ( untagged VLAN) but the tagged VLAN subnet is advertised on the routing process as well.

This is not suppose to work like it is, there are any fix to change this behavior on routing?

Waiting your reply,

Best regards,

Adelio Moreira


#2

Hi,

All LAN subnets will be advertise to PepVPN peer. This is the design and expected behavior for PepVPN. You can’t prevent this at the moment. Anyway I understand where you come from. We will look into this.

Possible to enable NAT mode for PepVPN? Will this meet your requirement?
NAT mode for PepVPN - By selecting this option, the remote unit VPN will be assigned with an IP address from the local DHCP server. All the remote side traffic via this VPN will go through Network Address Translation (NAT) using the assigned IP address.



#3

Hi,

The NAT mode as it’s design is not a solution or a workaround to this routing issue on my enviroment.

When will PepLink do fix for this issue on LAN side, because it’s not making sence since i don’t enable the OSPF on this subnet it’s suppose it will not be advertised for anywhere!

Waiting your reply,

Best regards,
Adelio Moreira


#4

Hi,

PepVPN is using OSPF to advertise all LAN segments to remote peer by default.

If you enable Untagged Vlan in OSPF as below, it will listen and deliver OSPF packets with OSPF neighbor at Untagged Vlan side. However Vlan 2 will not listen or deliver any OSPF packets.


We have no ETA on “Selected Vlan to be advertise to remote PepVPN peer”. I will move your post to feature request.

Thank you.


#5

Any news regarding this feature request?


#6

Hi adelini,

This is in our roap map. Stay tuned.


#7

+1 from Onwave as well!

This is an interesting topic, and a very useful thing to be able to have control over. It should be easy because OSPF has supported these capabilities for decades. Can we have and OSPF that behaves by default however you think best, but also offers us the option to take some more control?
Network summarization, (without having to use NAT)
Selective subnet advertisement.
The ability to make an interface passive.
The ability to control which interfaces are included in the OSPF process.

Thanks,
Dana


#8

+1 from me as well. I’m all for all routes being advertised by default (keeping PepVPN’s inherent setup simplicity), but sometimes a remote route is not valid for certain local hosts. The ability to enable/disable remote routes would save me a ton of workaround effort. Thanks!


#9

Hello, will this come in 6.2.x? Or will it be 6.3?
Thank you,
Dana


#10

+1 - is there any update on this feature?


#11

Hello,

This feature will be included in the upcoming 6.3.2 firmware which we currently have a RC build available.

You may obtain full release notes here (See 5. Feature Improvements for SF route advertisement)


#12

Well, rats. I need this to be separate on a per-PepVPN basis. Thanks anyway!