From owner-freebsd-net Tue Oct 22 20:53:58 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 099B137B401 for ; Tue, 22 Oct 2002 20:53:57 -0700 (PDT) Received: from vineyard.net (K1.VINEYARD.NET [204.17.195.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5D9FA43E6A for ; Tue, 22 Oct 2002 20:53:56 -0700 (PDT) (envelope-from ericx@vineyard.net) Received: from alice (loopback [127.0.0.1]) by vineyard.net (Postfix) with ESMTP id 68CF391F2D for ; Tue, 22 Oct 2002 23:53:45 -0400 (EDT) Message-ID: <009701c27a47$fb2d6c80$3ee380cc@alice> From: "Eric W. Bates" To: Subject: debugging VLANs with tcpdump Date: Tue, 22 Oct 2002 23:55:09 -0400 Organization: Vineyard.NET, Inc. MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org While using tcpdump to debug a new VLAN config, I noticed some problems and wanted to ask whether I was simply doing something wrong. I have 3 vlan interfaces attached to an fxp. The 3 vlan are bridged, but the fxp is not included in the group. The fxp has no IP. vlan0 has the IP for the bridge group. fxp0: flags=8943 mtu 1500 ether 00:02:b3:5b:dd:98 media: Ethernet autoselect (100baseTX ) status: active vlan0: flags=8843 mtu 1500 inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255 ether 00:02:b3:5b:dd:98 vlan: 5 parent interface: fxp0 lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff000000 vlan1: flags=8843 mtu 1500 ether 00:02:b3:5b:dd:98 vlan: 10 parent interface: fxp0 vlan2: flags=8843 mtu 1500 ether 00:02:b3:5b:dd:98 vlan: 20 parent interface: fxp0 I get the most useful information when I run tcpdump on the fxp. Doing so shows all the packets passing by the NIC and it labels VLAN packets with their tag. tcpdump -i fxp0 20:00:54.747032 802.1Q vlan#10 P0 192.168.10.98 > 192.168.10.1: icmp: echo request (ttl 32, id 232, len 60) 20:00:54.747210 802.1Q vlan#10 P0 192.168.10.1 > 192.168.10.98: icmp: echo reply (ttl 64, id 22505, len 60) As soon as I add an expression to the tcpdump, I lose the VLAN labels from the output. I tried: tcpdump -i fxp0 icmp tcpdump -i fxp0 vlan tcpdump -i fxp0 host fw.mvhost.com I also tried increasing verbosity (-vvv). Attaching tcpdump to a vlan was interesting. Presumably I was seeing only packets tagged with the pseudo-interface's VLAN ID; but the labels were gone again. Is this a bug? If not, how do I display the explicit tag information under more circumstances? Thanks for your time. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message