From owner-freebsd-questions@FreeBSD.ORG  Mon Jul  5 16:16:30 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 06BA81065675
	for <freebsd-questions@freebsd.org>;
	Mon,  5 Jul 2010 16:16:30 +0000 (UTC)
	(envelope-from modulok@gmail.com)
Received: from mail-qy0-f175.google.com (mail-qy0-f175.google.com
	[209.85.216.175])
	by mx1.freebsd.org (Postfix) with ESMTP id B9C0B8FC25
	for <freebsd-questions@freebsd.org>;
	Mon,  5 Jul 2010 16:16:29 +0000 (UTC)
Received: by qyk30 with SMTP id 30so2043339qyk.13
	for <freebsd-questions@freebsd.org>;
	Mon, 05 Jul 2010 09:16:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:received:date:message-id
	:subject:from:to:content-type;
	bh=d/75hTAhO2koOH2KZqBapVcq8hiD45JAE4I5iZnrtTc=;
	b=SRn2p/arRdD+kkMCGWc2mho/xX2k4GmEuCnBFgowpZFSKWeXiBLZlayyPd+Ux3a3mv
	4Hx5KRvdisXCX4Uz7v3tggXeBdhiJJNVPSFIVN8X1gSdrHBOoeBcm62cwlvqLlXIO0Ow
	wFiM3EN3QWbUBOdpxFs6b1hoFwJk3/86pG/QM=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:date:message-id:subject:from:to:content-type;
	b=YvIEXuk4W0XYG6xRNPMNIOlkpdSQjxJQiPoGiV9z6jRpzbykBNmM8WWtywNwgJXuYd
	0twHyLOnen2mOVHlGx/K5dsmIBp6Rd14oXj6DtCfQRq1UPAX/lqyv4KTkX/A0Skbraot
	shIWLuqT/2bHMckTGhWOgic4FwHzi14PeZDEk=
MIME-Version: 1.0
Received: by 10.224.106.34 with SMTP id v34mr1585688qao.325.1278346579928; 
	Mon, 05 Jul 2010 09:16:19 -0700 (PDT)
Received: by 10.224.67.132 with HTTP; Mon, 5 Jul 2010 09:16:19 -0700 (PDT)
Date: Mon, 5 Jul 2010 10:16:19 -0600
Message-ID: <AANLkTilW7eTmmdUtRlXpRX3CT_vuOkE2M0eDB_qiiauW@mail.gmail.com>
From: Modulok <modulok@gmail.com>
To: freebsd-questions@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Subject: VLANs is this right?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Jul 2010 16:16:30 -0000

Hopefully this doesn't get too garbled by various mail clients:

Internet
      |
FreeBSD router
      |
(tagged frames)
      |
   switch
   |    |
vlan1 vlan2
 |        |
hostA    hostB

Criteria:
    - HostA must never directly talk to HostB.
    - Both hostA and hostB have an Internet connection.

What I have to work with:
    proCurve switch which supports VLANs.
    2x Intel NICs in FreeBSD which support VLANs.

I've never messed with VLANs before. This is all new to me. As I
understand so far, this should be a simple matter of creating the
vlans on the switch, assigning ports to their respective vlan in
'untagged' mode, and then assigning the port BSD connects to, as a
'tagged' member of both VLAN's? Then I'd create an IP alias on the
internal FreeBSD NIC, so that it can talk to both networks over the
same wire? Is this right?

I'd do more experimentation but I can't have down time until later
tonight so I thought I'd ask in the mean time.

Thanks!
-Modulok-