From owner-freebsd-net@FreeBSD.ORG Mon Mar 5 22:28:23 2012 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6F748106564A for ; Mon, 5 Mar 2012 22:28:23 +0000 (UTC) (envelope-from peterjeremy@acm.org) Received: from mail26.syd.optusnet.com.au (mail26.syd.optusnet.com.au [211.29.133.167]) by mx1.freebsd.org (Postfix) with ESMTP id F14158FC0C for ; Mon, 5 Mar 2012 22:28:22 +0000 (UTC) Received: from server.vk2pj.dyndns.org (c220-239-116-103.belrs4.nsw.optusnet.com.au [220.239.116.103]) by mail26.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id q25MSDpQ016172 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 6 Mar 2012 09:28:13 +1100 X-Bogosity: Ham, spamicity=0.000000 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.5/8.14.4) with ESMTP id q25MSCYk064542; Tue, 6 Mar 2012 09:28:12 +1100 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.5/8.14.4/Submit) id q25MSBa8064540; Tue, 6 Mar 2012 09:28:11 +1100 (EST) (envelope-from peter) Date: Tue, 6 Mar 2012 09:28:11 +1100 From: Peter Jeremy To: h bagade Message-ID: <20120305222811.GA64183@server.vk2pj.dyndns.org> References: <20120305084359.GA56606@server.vk2pj.dyndns.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="fdj2RfSjLxBAspz7" Content-Disposition: inline In-Reply-To: X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-net Subject: Re: problem with vlan interfaces tagging/untagging in a simulated switch box X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Mar 2012 22:28:23 -0000 --fdj2RfSjLxBAspz7 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Please don't top-post. On 2012-Mar-05 13:30:36 +0330, h bagade wrote: >on layer 2 switch, ports doesn't have ip addresses and traffic comming >from a vlan port is tagged and pass through trunk port. this means >that in our freebsd box which plays the role of switch, no interfaces >should have ip addresses. OK. Sorry, I misunderstood what you were trying to achieve. I am using FreeBSD as a router rather than a switch. That said, I suspect your problem is that you are misunderstanding how VLAN tagging is applied. If a packet flows through a vlan(4) device, the appropriate tag is removed from incoming (from the network) packets and added to outgoing (to the network) packets. Packets flowing through normal ethernet devies (your ethX) without also flowing through a vlan(4) are not tagged (and so will appear in the default vlan as far as an external switch is concerned). Internally (ie as seen by bridge(4) instances), packets are not tagged. The following example diagram shows 3 distinct packet flows: - packets tagged 5 in trunk1 and 6 in trunk0 - packets tagged 7 in trunk1 and 9 in trunk0 - packets tagged 8 in trunk0 and 10 in trunk2 +-- vlan5 --- bridge1 --- vlan6 --+ | | trunk1 --- eth1 -+- vlan7 --- bridge2 --- vlan9 --+-- eth0 --- trunk0 | =20 bridge3 --- vlan8 --+ | =20 trunk2 -- eth2 --- vlan10 This would be configured as: ifconfig vlan5 vlan 5 vlandev eth1 ifconfig vlan6 vlan 6 vlandev eth0 ifconfig vlan7 vlan 7 vlandev eth1 ifconfig vlan8 vlan 8 vlandev eth0 ifconfig vlan9 vlan 9 vlandev eth0 ifconfig vlan10 vlan 10 vlandev eth2 ifconfig bridge1 addm vlan5 addm vlan6 ifconfig bridge2 addm vlan7 addm vlan9 ifconfig bridge3 addm vlan8 addm vlan10 --=20 Peter Jeremy --fdj2RfSjLxBAspz7 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAk9VPfsACgkQ/opHv/APuIcLpACdHBv1TdsiTfqc9BFsZSfIhFKy oQQAoKRhOOevjhZZuGKXyA1tPKdWgB98 =Kb5u -----END PGP SIGNATURE----- --fdj2RfSjLxBAspz7--