From: Blake Covarrubias
Date: Sun, 11 Sep 2005 01:49:35 -0700
To: Chuck Swiger
Cc: freebsd-isp@freebsd.org
Subject: Re: VLAN interfaces on FreeBSD; performance issues
In-Reply-To: <4322FDC4.8010609@mac.com>

On Sep 10, 2005, at 8:37 AM, Chuck Swiger wrote:

> Blake Covarrubias wrote:
>
>> I have a question about VLAN interfaces on FreeBSD. I've read the
>> documentation and have set them up on a machine. After doing so
>> though the machine seems less network responsive. Does
>> implementing VLAN interfaces / tagging slow down network
>> performance?
>
> Some, yes, although not by much and that depends to some extent on
> whether your NIC has VLAN_MTU hardware support.

I'm not sure if VLAN_MTU is available or enabled on my NIC. I will have to check that.

>> The reason for wanting VLAN tagging is the machine has one NIC and I wanted
>> to multi-home it without having to install another NIC. The network card is
>> using the 'fxp' driver.
>
> fxp is good NIC hardware. However, if you are trying to connect
> two distinct subnets, playing ISO layer-2 games with VLANs is not
> going to result in a good substitute for layer-3 IP routing.
>
> You cannot truthfully multihome a machine with a single NIC.

My goal is to make this machine a gateway for several servers that I need to segment that will be on different IP subnets. I could always just alias the IPs to the NIC on the gateway machine, but I need layer-2 separation for security. I'm doing this for co-located servers (hence the need for segmentation). I don't think it's feasible to add a NIC for every new machine.

I'll check to see if VLAN_HWTAGGING and VLAN_MTU are available on the NIC.

If anyone has any other experience in setting up a router/gateway in this type of environment I'd appreciate your input.

Thanks in advance.

--
Blake Covarrubias
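
An added example, not part of the original message: one way to run the VLAN_MTU / VLAN_HWTAGGING check mentioned above. It assumes the text comes from `ifconfig -m <ifname>` on FreeBSD, with `options=` listing enabled flags and `capabilities=` listing supported ones. The interface name `nic0`, the sample output and the function names are constructed for illustration.

```shell
#!/bin/sh
# Classify a NIC capability flag from `ifconfig -m <ifname>` text.
# Assumption: "options=" lists enabled flags, "capabilities=" supported ones.

# Constructed sample output (not captured from a real fxp card).
SAMPLE='nic0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        capabilities=18<VLAN_MTU,VLAN_HWTAGGING>
        ether 00:00:5e:00:53:01'

# flags_on_line KEYWORD TEXT -> comma-separated flags inside <...> on that line
flags_on_line() {
    printf '%s\n' "$2" |
        sed -n "s/^[[:space:]]*$1=[0-9a-fA-F]*<\(.*\)>.*/\1/p" |
        head -n 1
}

# has_flag FLAG LIST -> exit 0 only if FLAG is an exact member of the list,
# so "MTU" does not match "VLAN_MTU".
has_flag() {
    case ",$2," in
        *",$1,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# vlan_flag_state FLAG TEXT -> enabled | supported-but-disabled | unsupported
vlan_flag_state() {
    enabled=$(flags_on_line options "$2")
    supported=$(flags_on_line capabilities "$2")
    if has_flag "$1" "$enabled"; then
        echo enabled
    elif has_flag "$1" "$supported"; then
        echo supported-but-disabled
    else
        echo unsupported
    fi
}

# Demo on the constructed sample. On a live host, pass the real text:
#   vlan_flag_state VLAN_MTU "$(ifconfig -m fxp0)"
for flag in VLAN_MTU VLAN_HWTAGGING; do
    printf '%s: %s\n' "$flag" "$(vlan_flag_state "$flag" "$SAMPLE")"
done
```

A result of supported-but-disabled means the driver offers the feature but it is not currently switched on for that interface.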