Date: Thu, 21 Aug 2003 14:31:43 -0300 From: "Daniel C. Sobral" <dcs@tcoip.com.br> To: Doug Ambrisko <ambrisko@ambrisko.com> Cc: larse@ISI.EDU Subject: Re: CFR: bridge locking Message-ID: <3F4501FF.6040608@tcoip.com.br> In-Reply-To: <200308211713.h7LHDEwn034710@ambrisko.com> References: <200308211713.h7LHDEwn034710@ambrisko.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Doug Ambrisko wrote:
> |
...
> | The test I'm doing is the following:
> |
> | kldload bridge
> | sysctl net.link.ether.bridge=1
> | sysctl net.link.ether.bridge_cfg="fxp1 fxp3"
> | ifconfig fxp1 up
> | ifconfig fxp3 up
> | ifconfig vlan0 create
> | ifconfig vlan0 vlan 999 vlandev fxp1
> | ifconfig vlan0 200.220.254.190/26
> |
> | On the switch side, the port connected to fxp1 is down and the one
> | connected to fxp3 is up. Next, I ping all around. What I see with your
> | patch is:
> |
> | ARP packets received on fxp3 go to fxp1 but not vlan0.
> | ARP packets sent through vlan0 go to fxp1 but not fxp3.
...
>
> No my mistake ... I was thinking you were trying to bridge the
> traffic out of the FreeBSD vlan device. That is what my patch fixes.
> Sorry.
>
> For kicks you could try netgraph bridging. I found it sometimes works
> better. Tweak the script in /usr/share/example/netgraph. For some
> purposes I use bridge others I use the netgraph version. Depends on
> the need.
>
> FWIW I have created a vmnet iface then bridged to it. However, for it
> to work with netgraph you need to make it work. I use vmnet since it
> is persistant and I can just do an
> echo -n > /dev/vmnet1
> to create it. Then I can do various things to it. So you could run
> the vlan off vmnet1 and then bridge it to the others.
Err... mmmm... I don't know what a vmnet is, and "apropos" told me no
tales. :-)
Alas, I tried netgraph to. It suffers from about the same problem.
Packets on the bridge do not go to the vlan, and packets from the vlan
do not get sent to the bridged interfaces (just the attached one).
I tried ng_iface, but vlan won't attach to that.
Someone mentioned ng_eiface, which, from the looks of it, has potential.
Unfortunately, there's no documentation on it, so I don't have any idea
on how to use it.
And, on the curious side, it's has been mfc in time for 4.6-RELEASE, but
it still hasn't been hasn't been connected to the build. :-)
I'll cc Julian in this message, see if he feels guilty or something. :-)
--
Daniel C. Sobral (8-DCS)
Gerencia de Operacoes
Divisao de Comunicacao de Dados
Coordenacao de Seguranca
VIVO Centro Oeste Norte
Fones: 55-61-313-7654/Cel: 55-61-9618-0904
E-mail: Daniel.Capo@tco.net.br
Daniel.Sobral@tcoip.com.br
dcs@tcoip.com.br
Outros:
dcs@newsguy.com
dcs@freebsd.org
capo@notorious.bsdconspiracy.net
Der Horizont vieler Menschen ist ein Kreis mit Radius Null -
und das nennen sie ihren Standpunkt.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F4501FF.6040608>