Date: Thu, 2 Nov 2006 18:12:22 +0100
From: 'Jeremie Le Hen'
To: Raymond Wagner
Cc: freebsd-net@freebsd.org, 'Jeremie Le Hen', Andrew Thompson
Subject: Re: Virtual Network Interfaces
Message-ID: <20061102171222.GV20405@obiwan.tataz.chchile.org>
List-Id: Networking and TCP/IP with FreeBSD

Hi Raymond,

On Tue, Oct 31, 2006 at 11:10:47AM -0500, Raymond Wagner wrote:
> Your other method is that I keep NAT on the internal interface as normal,
> and then create VLANs, bridged to the external interface, to each computer
> with an external IP. Those machines would communicate as normal on the
> internal network, but use the VLAN interface for external access. I've not
> used VLANs before, so I don't know exactly how they work. I know the
> wrapper causes some overhead, and my switch drops packets >1500 bytes. Do I
> have to lower the MTU on the internal network, or just the VLANs and
> external? Also, will my ISP know not to send the larger packets?

802.1q (namely VLAN) adds a 4-byte header, which means your network
adapter must support an MTU of 1504 bytes. AFAIK, most network cards
do this. I haven't heard of problems like this so far.

I've Cc'ed Andrew Thompson, who has imported if_bridge(4) from OpenBSD
into FreeBSD. He will likely be able to answer your question and tell
whether it is possible to bridge two VLAN interfaces (attached to a
physical interface) with another physical interface.

Regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >