# GENEVE support



## taliesins (Mar 14, 2022)

At the moment we don't support GENEVE but do support VXLAN. With the move to SDN it would probably be a popular use case to enable: transport security, service chaining, in-band telemetry.

For my specific use case I would love to be able to use pfSense as a Gateway Load Balancer in AWS. AWS only supports the GENEVE protocol.

If there was someone willing to contribute this I could set up a bounty to implement it.


----------



## SirDice (Mar 14, 2022)

There are very few developers here on the boards. I suggest you state your case on the mailing lists; freebsd-net@ is probably a good place to start.


----------



## astyle (Mar 14, 2022)

I think that OP would benefit from seeing this:






Generic Network Virtualization Encapsulation - Wikipedia (en.wikipedia.org)



GENEVE _expands_ on VXLAN and other encapsulations. Unless I'm mistaken, you can install Open vSwitch on any endpoint (even on an AWS image of pfSense) and start supporting both.


----------



## blind0ne (Mar 17, 2022)

taliesins said:


> At the moment we don't support GENEVE but do support VXLAN. With the move to SDN it would probably be a popular use case to enable: transport security, service chaining, in-band telemetry.
> 
> For my specific use case I would love to be able to use pfSense as a Gateway Load Balancer in AWS. AWS only supports the GENEVE protocol.
> 
> If there was someone willing to contribute this I could set up a bounty to implement it.


I've read the https://en.wikipedia.org/wiki/Virtual_Extensible_LAN, looks interesting, are there any examples of such schemes and use cases? What actually are you moving to AWS, what is this SDN? Do you have a physical network and want to path traffic through AWS?
Wait, what is the point?


----------



## astyle (Mar 17, 2022)

blind0ne said:


> I've read the ...


Normally, this would be something they move to AWS first (some business content/service), and then do everything around that content (protocols to access it, security implementations, etc.). Normally, content is pretty separate from delivery and security. You don't ask why Netflix has load balancing, you make educated guesses while laying the cable for the SDN/CDN.


----------

