Monday, December 13, 2021

MikroTik EoIP Tunnel Step by Step

In networking, a broadcast domain is a logical division of a network. Through such divisions, an entire network is split into smaller sections. Generally, these divisions are logical: devices may be physically connected to the same network yet still sit in separate networks. Only those in the same logical division, that is, the same broadcast domain, can communicate with each other. A single broadcast domain may span a wide range of locations. It can be in the same building as well as in a different city. For example, let's say a company has two offices. The first is the head-office and the other is the factory office. Both offices are connected to the internet. Our network scenario looks like the following:




Now the head-office and the factory office must be in the same broadcast domain. We will discuss how to do this in this tutorial.

EoIP (Ethernet over Internet Protocol) is commonly used to keep two remote offices in the same broadcast domain. This protocol creates a tunnel between the remote offices through the internet. We assume that a MikroTik router is used for the internet connection at each office.




First, we will create a tunnel between the routers. We assume that the WAN IP of our head-office router (Router-1) is 1.1.1.1 and the WAN IP of the factory router (Router-2) is 2.2.2.2. We also assume there are two LAN segments at the head-office and two LAN segments at the factory. The LAN segments of the head-office are 192.168.1.0/24 and 192.168.2.0/24. Similarly, the LAN segments of the factory are 192.168.3.0/24 and 192.168.4.0/24. Notice the diagram below.




As in the diagram above, we have four LAN segments across our two locations, and we know that each LAN segment is a different broadcast domain. Now we merge the factory's 192.168.4.0/24 LAN segment with the head-office's 192.168.1.0/24 LAN segment so that this factory LAN segment comes under the head-office LAN segment or broadcast domain. That is, both of them are under the 192.168.1.0/24 network. That LAN segment of the factory will have no separate network or broadcast domain, just like the diagram below.




According to the diagram, we did not assign any network information to this LAN segment of the factory (Router-2), not even an IP address on the router's LAN interface, because this segment will be merged with the head-office's 192.168.1.0/24 segment or broadcast domain. This factory segment will connect itself to the 192.168.1.0/24 network.


A LAN segment from head-office and one from the factory will be in the same broadcast domain.

The details of how to make the tunnel are given below:

First, we will create the tunnel on our head-office router. Click on the "Interface" option in the Winbox menu and then navigate to the "EoIP Tunnel" tab. There, click on the (+) sign to add a new EoIP tunnel.




Now provide a descriptive name for this tunnel in the "Name" field. Here, we named it "EoIP_Tunnel_to_Factory". Write the head-office's public IP address (the WAN address) in the "Local Address" field. According to the example, this address will be 1.1.1.1. Write the factory's public IP address (the WAN address) in the "Remote Address" field. According to the example, this address will be 2.2.2.2. Now provide a tunnel ID in the "Tunnel ID" field. Please keep in mind that this ID must be the same at both offices, otherwise the tunnel won't be established. If we want, we can secure this tunnel with a secret password. This password will be used to encrypt the traffic that is forwarded through the tunnel; without it, the bridged Ethernet frames cross the internet unencrypted. We can provide this encryption password in the "IPsec Secret" field. The IPsec Secret must also be the same at both sites, otherwise the tunnel won't come up. That's it. Keep the rest of the settings at their defaults. Now click on the "Apply" and "OK" buttons to save this tunnel and close the window.




The tunnel configuration on the head-office side is done. Now we will move to our factory office. There, we will create the tunnel in the same way, with a few changes.

In the same manner, we will provide a descriptive name for this tunnel. The name will be "EoIP_Tunnel_to_Head Office". This time, in the "Local Address" field, we will write the factory's public IP address (the WAN IP address), and in the "Remote Address" field, we will write the head-office's public IP address (the WAN IP address). According to our example, the local address will be 2.2.2.2 and the remote address will be 1.1.1.1. The "Tunnel ID" value and the "IPsec Secret" value must be the same as on the head-office router. Otherwise, the link won't be established.




Now the tunnel should be up and running. We will find that the "running" text is highlighted.




Our tunnel configuration is done at both offices. Now we have to create a virtual bridge interface on both routers. On the head-office router, the bridge ports will be the "EoIP Tunnel" interface and the "Ether-2" interface. On the factory router, the bridge ports will be the "EoIP Tunnel" interface and the "Ether-1" interface.


On the head-office router, we will make a bridge between the "EoIP Tunnel" and the "Ether-2" interface because we want to merge the factory's segment with this "Ether-2" network. On the factory router, we will make a bridge between the "EoIP Tunnel" and the "Ether-1" interface because we want to connect this "Ether-1" segment with the head-office's "Ether-2" network.

Now we will create the bridge interface on the head-office router. To create a bridge interface, click on the "Bridge" option in the Winbox menu list. There, click on the (+) sign to add a new virtual bridge interface.




Now we will provide a descriptive name for this bridge interface. Here, we name it "EoIP_Bridge_Factory".




Now we will add the "EoIP_Tunnel_to_Factory" interface and the "Ether-2" interface as bridge ports of this bridge interface. To add a bridge port, navigate to the "Ports" tab and click on the (+) sign to add a new bridge port.

First, we will add the EoIP tunnel interface. Select the EoIP tunnel interface in the "Interface" field. According to this example, this will be "EoIP_Tunnel_to_Factory". Then select the bridge interface to which we want to add it in the "Bridge" field. According to this example, this will be "EoIP_Bridge_Factory". Then click on the "Apply" and "OK" buttons to save and close this window.




After adding the EoIP tunnel interface, we will add the "Ether-2" interface as a bridge port of our bridge interface.




Our head-office router configuration is done. Now we will move to our factory router. Here, we will create a bridge in the same way. We will name it "EoIP_Bridge_Head Office".




Now we will add the "EoIP_Tunnel_to_Head Office" interface and the "Ether-1" interface to this bridge interface.

First, we will add the EoIP tunnel interface.




Now we will add the "Ether-1" interface.




That's it. All the configuration is done. From now on, the factory segment is merged with the head-office's 192.168.1.0/24 network. Both are in the same broadcast domain.
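
The same configuration as the Winbox steps above, written as RouterOS terminal commands for both routers, followed by three checks. This is an added example, not part of the original tutorial. Assumptions: tunnel ID 10 and the secret string are constructed placeholders, and "Ether-2" and "Ether-1" are taken to be the default port names ether2 and ether1.

```routeros
# Added example: CLI equivalent of the Winbox steps in this tutorial.
# Assumed values: tunnel-id=10 and the secret are placeholders;
# ether2 / ether1 stand for the tutorial's "Ether-2" / "Ether-1".

# --- Router-1 (head-office, WAN 1.1.1.1) ---
# allow-fast-path=no: fast path has to be off when ipsec-secret is set.
/interface eoip add name=EoIP_Tunnel_to_Factory \
    local-address=1.1.1.1 remote-address=2.2.2.2 tunnel-id=10 \
    ipsec-secret="REPLACE_WITH_LONG_RANDOM_SECRET" allow-fast-path=no
/interface bridge add name=EoIP_Bridge_Factory
/interface bridge port add bridge=EoIP_Bridge_Factory \
    interface=EoIP_Tunnel_to_Factory
/interface bridge port add bridge=EoIP_Bridge_Factory interface=ether2

# --- Router-2 (factory, WAN 2.2.2.2) ---
# Local and remote addresses are swapped; tunnel-id and secret are identical.
# Names containing a space must be quoted.
/interface eoip add name="EoIP_Tunnel_to_Head Office" \
    local-address=2.2.2.2 remote-address=1.1.1.1 tunnel-id=10 \
    ipsec-secret="REPLACE_WITH_LONG_RANDOM_SECRET" allow-fast-path=no
/interface bridge add name="EoIP_Bridge_Head Office"
/interface bridge port add bridge="EoIP_Bridge_Head Office" \
    interface="EoIP_Tunnel_to_Head Office"
/interface bridge port add bridge="EoIP_Bridge_Head Office" interface=ether1

# --- Checks, run on either router ---
# The tunnel carries the R (running) flag when the peer answers keepalives.
/interface eoip print
# The tunnel and the Ethernet port are both listed under the bridge.
/interface bridge port print
# With ipsec-secret set, security associations between 1.1.1.1 and 2.2.2.2
# should be listed here; an empty list means the tunnel is not encrypted.
/ip ipsec installed-sa print
```

Use a long random value for the IPsec secret, since it acts as the pre-shared key protecting every frame bridged between the two sites.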
