From owner-freebsd-current@freebsd.org Wed Jul 19 13:44:18 2017 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 025B2C7DCD0; Wed, 19 Jul 2017 13:44:18 +0000 (UTC) (envelope-from Sergey.Zhmylove@elcom.spb.ru) Received: from mail.elcom.spb.ru (sungate.elcom.spb.ru [82.179.66.50]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ABBCB7FEF7; Wed, 19 Jul 2017 13:44:17 +0000 (UTC) (envelope-from Sergey.Zhmylove@elcom.spb.ru) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=elcom.spb.ru; s=dkim; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:Cc:References:To:Subject; bh=QgKZIyK3dWymHfzp496P7PnqMK1MnHQ9uCX/hiU+toI=; b=QcpN6PUya6Bc2dPkUazyJ3ZOHuMeFykuLVlHvtNzJdZeAxhcfTKxKYya9ay5Og0uZwqhwOF7QaF/T1Yw6kS6uIpBSehnIBUdFKSVte15pqiAbVSd9qJ8VWupFtbyDRVew1UyDvUmJbFwDFCKKNLsLX1weGw6ERns3bLhiZgGlMa0lBkygeYVPgMUjDwKBCnlLQfq5bLm/YX9cK72bPOBdClUiA2KNnOtyuiXdJaOXi3n0z2rR6qdP9jRtRyhMlYNM0tFsAzFJiCFk26HXmhrVx8PrO0r86VPFn1sySJ0MeMokxgdBjFWwBcS6xb/+ehwK+BQQ94OyU3VxTxagEEVGA==; Received: from dhcp-2-191.elcom.spb.ru ([192.168.2.191]) by mail.elcom.spb.ru with esmtpsa (TLSv1:DHE-RSA-AES128-SHA:128) (Exim 4.85 (FreeBSD)) (envelope-from ) id 1dXpGx-0006Lw-Le; Wed, 19 Jul 2017 16:44:15 +0300 Subject: Re: Inter-VLAN routing on CURRENT: any known issues? To: "O. Hartmann" , Frank Steinborn References: <20170712214334.4fc97335@thor.intern.walstatt.dynvpn.de> <20170713211004.13492aef@thor.intern.walstatt.dynvpn.de> <20170716230514.0c2e5c65@thor.intern.walstatt.dynvpn.de> <20170716211441.GA63054@krenn.local> <20170716233158.53f5d6e3@thor.intern.walstatt.dynvpn.de> Cc: "Andrey V. Elsukov" , FreeBSD CURRENT , FreeBSD Questions From: Sergey Zhmylove Message-ID: <212825a3-ecc5-c9ab-d240-948dfaccb6b4@elcom.spb.ru> Date: Wed, 19 Jul 2017 16:44:16 +0300 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <20170716233158.53f5d6e3@thor.intern.walstatt.dynvpn.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Jul 2017 13:44:18 -0000 Do you receive packets from 192.168.2.0/24 and 192.168.3.0/24 on igb1.2 and igb1.3 respectively? Do you really need NAT? As far as I can see, you're looking for basic static inter-VLAN routing. Could you check the communication between 2.0/24 and 3.0/24 with unloaded ipfw module (just to exclude ipfw from the investigation)? I have a lot of installations of such scheme on em(4) and re(4) devices -- no problems at all. Even maybe there was igb(4) devices too. Sergey Zhmylove 17.07.2017 0:31, O. Hartmann пишет: > Am Sun, 16 Jul 2017 23:14:41 +0200 > Frank Steinborn schrieb: > >> O. Hartmann wrote: >>> I have not have any success on this and I must ask now, to not make a fool out of my >>> self, whether the concept of having several vlan over one single NIC is possible with >>> FreeBSD (12-CURRENT, as of today, r321055. >>> >>> Since it is even not possible to "route" from a non-tagged igb1 to a tagged vlan >>> igb1.2 or igb1.66 (for instance) on the same NIC, I have a faint suspect that I'm >>> doing something terribly wrong. >>> >>> I think everyone working with vlan should have those problems, but since I can not >>> find anything on the list, I must do something wrong - my simple conclusion. >>> >>> What is it? >> Do you have enabled net.inet.ip.forwarding? >> > Of course I have. As I stated earlier, ICMP pings from on VLAN to another over this > router works, but any IP (UDP, TCP) is vanishing into thin air. > > I don't have a FBSD-11-STABLE reference system at hand, so that I can check with another > revision/major release of the OS, but I work on that. >