From owner-freebsd-net@FreeBSD.ORG Wed Mar 12 12:16:28 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D92321065676 for ; Wed, 12 Mar 2008 12:16:28 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from aurynhome1sv1.zirakzigil.org (mail.zirakzigil.org [82.63.178.63]) by mx1.freebsd.org (Postfix) with SMTP id 0467D8FC26 for ; Wed, 12 Mar 2008 12:16:27 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: (qmail 50684 invoked by uid 98); 12 Mar 2008 11:49:45 -0000 Received: from 89.96.52.22 by aurynhome1sv1.zirakzigil.org (envelope-from , uid 89) with qmail-scanner-1.25 ( Clear:RC:0(89.96.52.22):. Processed in 0.039869 secs); 12 Mar 2008 11:49:45 -0000 X-Qmail-Scanner-Mail-From: auryn@zirakzigil.org via aurynhome1sv1.zirakzigil.org X-Qmail-Scanner: 1.25 (Clear:RC:0(89.96.52.22):. Processed in 0.039869 secs) Received: from unknown (HELO aurynmob2.giulioferro.it) (auryn@zirakzigil.org@89.96.52.22) by 0 with SMTP; 12 Mar 2008 11:49:45 -0000 Message-ID: <47D7C34E.8060805@zirakzigil.org> Date: Wed, 12 Mar 2008 12:49:34 +0100 From: Giulio Ferro User-Agent: Thunderbird 2.0.0.5 (X11/20070724) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: VLAN trunking and fragmentation X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Mar 2008 12:16:29 -0000 I need to configure ports to work with multiple vlan on my redundant freebsd router/firewall. In order to setup my test environment I have 2 freebsd boxes 7.0 STABLE amd64 both with gigabit realtek (re0). According to what the man says, these cards should support vlan in hardware. These PCs are connected to a dell 48 port managed layer-3 switch on port 1 and 2. On the dell CLI I configure the vlans: --------------------------- enable configure vlan database vlan 10 exit interface vlan 10 name testvlan exit interface ethernet 1/g1 switchport mode trunk switchport trunk allowed vlan add 10 exit interface ethernet 1/g2 switchport mode trunk switchport trunk allowed vlan add 10 exit --------------------------- On both PC I have configured a vlan interface like this: from /etc/rc.conf --------------------------- ifconfig_re0="inet 192.168.60.1 netmask 255.255.255.0" cloned_interfaces="vlan0" ifconfig_vlan0="inet 192.168.100.1 netmask 255.255.255.0 vlan 10 vlandev re0" --------------------------- same on the other PC, but with physical address = 192.168.60.2 and virtual address 192.168.100.2 When I now try to ping from one machine to the other there is no problem: --------------------------- # ping -c 1 192.168.100.2 PING 192.168.100.2 (192.168.100.2): 56 data bytes 64 bytes from 192.168.100.2: icmp_seq=0 ttl=64 time=0.108 ms --- 192.168.100.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 0.108/0.108/0.108/0.000 ms --------------------------- The problems start when I send a packet which is bigger than 1472 bytes: --------------------------- ping -c 1 -s 1473 192.168.100.2 --------------------------- The packet is fragmented as it should, but there seems to be some problem with the checksum computation. --------------------------- # on PC 192.168.100.1 tcpdump -i re0 -n -vvv not stp 13:33:37.789615 IP (tos 0x0, ttl 64, id 809, offset 0, flags [+], proto ICMP (1), length 1500, bad cksum 0 (->8a4)!) 192.168.100.1 > 192.168.100.2: ICMP echo request, id 31748, seq 0, length 1480 13:33:37.789622 IP (tos 0x0, ttl 64, id 809, offset 1480, flags [none], proto ICMP (1), length 21, bad cksum 0 (->2db2)!) 192.168.100.1 > 192.168.100.2: icmp #on PC 192.168.100.2 tcpdump -i re0 -n -vvv not stp 13:32:49.038581 IP (tos 0x0, ttl 64, id 809, offset 1480, flags [none], proto ICMP (1), length 21) 192.168.100.1 > 192.168.100.2: icmp --------------------------- I'm told that this same configuration works under linux. It seems to me this could be a bug of the vlan stack under freebsd... Thanks in advance for any workaround / quick patch to solve this issue.