On Tue, Aug 07, 2018 at 10:06:12AM +0200, max%m00nbsd.net@localhost wrote:
We could easily retire etherip. It has never been enabled (worse: the
option was not even present and commented out before I added it a few
months ago), the code is shitty, buggy (eg watch the man page) and not
MP-safe.
Above all, the EtherIP spec (RFC3378) actually recommends dropping
EtherIP and using L2TP instead. We do have L2TP -- written by the
Japanese guys, so it works, it's MP-safe and everything.
Does NetBSD has L2TPv3? "Basic" L2TP won't give you "Ethernet-over-IP",
which is the point of, uh, etherip.
(Of course you can do etherip things with openvpn in tap mode, but for
many setups this is just far heavier than "I need to transport ethernet
frames, I do not need to care about encryption or authentication because
this all happens inside a closed environment" - which is where I've used
etherip in the past, bridge together VLANs across an "unwilling" internal
infrastructure)