From nobody Wed Jul 30 21:20:39 2025 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4bslVv3Dxrz6332k for ; Wed, 30 Jul 2025 21:20:39 +0000 (UTC) (envelope-from ivy@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4bslVv23srz3Ymt; Wed, 30 Jul 2025 21:20:39 +0000 (UTC) (envelope-from ivy@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1753910439; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=gdk5EZRkY6ktRk0Pd9Fm0joECwFWw93Ty0P0X1hL3CQ=; b=OI23ZXr6+otISdaQcLOkujMFxkAxcR89BqODP24xrDoJzRy8jHXrOFekaEOViC7+bbV1T1 v1uMcAO5HiSIYFw0UoHH9QoznmSy+P+11/mbknkgscJZvjSU2neAcb495IEBwMCWwHQOmT G4fBfNNLtJQEAHkNlkLs7VbVmyqG9H7pXD5+3h5946up4HZEZw1EfxMGbA429ZoBixLPZ6 gqiYHv7Y1veL9AjxzFrKYSfbRKxOn65/ZSstCNBKHhH/RwJE7Z4FbapznaPPbLbGr90RF8 zU1BMBSAuG0Gw7o5XovUEBoBxGGvPT6KNbK2qOH6szf5ZLFL65xY6n0NPhCMoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1753910439; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=gdk5EZRkY6ktRk0Pd9Fm0joECwFWw93Ty0P0X1hL3CQ=; b=eusFGYAQH+hOdyiG5iB6wBr8R7l9cN4716N3t3lKU8vz+/l/BXmj4vIxJJR9xMyc2c3rlh 5BFv2vZL72ZYDAtepCZuKogvNy+d5DsTIHJ5Nb2pBlzPuggKfciYpuigUrdJkDS+T2zTI2 UnE8zhuv9KekDPwncabClcPuwQtJWV+1J0/Anu+UFlVWkTD7Yix0VrtAOoiqcRLBR3gn6e GKMKuxUDwX5+FfkGM6OaskbrR/WgJY3zaSrMg+0IdXISlT8ncNOo7JNTNXgfDS0aqXKEKH ujxW4Tk03P2vF8jZjVSubqoKTa7FN3wHwhJbaqoNk71uPMAGFTIIdnFTkGAu8A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1753910439; a=rsa-sha256; cv=none; b=hE62T7VCi+xkU/mU6C1a2fwZhhCh3YNd7QwAfxIzn1brU8KEklLIgKNTXJT41g9hIyB+qL viwwrdCg+6Jp3W/zD/23gyX7riCBsLRMmNtelxnGAPH6wdTlDfzG+K56rbwGab/f/b9S/3 m1RSBGzDpdMKNSqJWkPdAomXOdG++6SPG2vUDX7ozQYK4z4cvovpQPBtR05sg9zIU9KP1K GkFE1hV46LupBQLzmN7HtVWAbmCGCaKnKIUA8mxRcw6Fp6RdgiFc+ccRiTWHUZjIgiIwQX guMTETCtgz8LUDNpap2X3jegj8rou7U7V8jKcAUB/ydqHEs7mZVvJorFljpz2w== Received: by freefall.freebsd.org (Postfix, from userid 1532) id 2F37824022; Wed, 30 Jul 2025 21:20:39 +0000 (UTC) Date: Wed, 30 Jul 2025 22:20:39 +0100 From: Lexi Winter To: "Patrick M. Hausen" Cc: "Bjoern A. Zeeb" , "net@freebsd.org" Subject: Re: vlan(4) and bridge(4) on same interface Message-ID: Mail-Followup-To: "Patrick M. Hausen" , "Bjoern A. Zeeb" , "net@freebsd.org" References: <83AAB529-4AA4-4C71-9B9E-9CD568128A67@punkt.de> List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="moEofP576Xl/BLY3" Content-Disposition: inline In-Reply-To: <83AAB529-4AA4-4C71-9B9E-9CD568128A67@punkt.de> --moEofP576Xl/BLY3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Patrick M. Hausen: > In that case a valid configuration would be: >=20 > VLAN 1 on igb0: igb0.1 > VLAN 2 on igb0: igb0.2 >=20 > VLAN 1 on igb1: igb1.1 > VLAN 2 on igb1: igb1.2 >=20 > bridge1: igb0.1 igb1.1 > bridge2: igb0.2 igb2.2 >=20 > All layer 3 configuration, all packet filtering, etc. on the bridge inter= faces. > No native frames on either igb0 or igb1. >=20 > That's how it was supposed to work and did perfectly well. >=20 > One bridge interface per VLAN - what's wrong with that? your configuration is fine and nothing will change about that if you want to continue configuring it this way. the situation i'm talking about is when you have a vlan(4) configured on an interface, and the underlying interface (not the vlan interface) is also in a bridge, for example: ifconfig vlan0 create vlan 101 vlandev ix0 ifconfig bridge0 create addm ix0 "ix0" has a vlan(4) configured on it and is also in a bridge: this is the configuration i want to prohibit. the text you quoted was not supposed to indicate that will be the *only* way to configure vlans and bridges, only to explain the direction i'm going in with recent changes to bridge. but bridge will always be able to bridge any type of Ethernet interface, including vlan(4), if that's how you want to use it. --moEofP576Xl/BLY3 Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQSyjTg96lp3RifySyn1nT63mIK/YAUCaIqMowAKCRD1nT63mIK/ YCoYAQDilYbYYA4Nr9Gf7NS6CArMzf9itDv9sVne8f0adYpSIQD9GX1u5ua5YuA/ pkv7XQgSK7/qtIRB+Thec4Mk8kvKuQc= =mwCk -----END PGP SIGNATURE----- --moEofP576Xl/BLY3--