From owner-freebsd-net@FreeBSD.ORG Mon Dec 19 17:03:42 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DE3B41065670 for ; Mon, 19 Dec 2011 17:03:42 +0000 (UTC) (envelope-from lists@jnielsen.net) Received: from ns1.jnielsen.net (secure.freebsdsolutions.net [69.55.234.48]) by mx1.freebsd.org (Postfix) with ESMTP id BBE7F8FC15 for ; Mon, 19 Dec 2011 17:03:42 +0000 (UTC) Received: from jnielsen.socialserve.com ([12.249.176.26]) (authenticated bits=0) by ns1.jnielsen.net (8.14.4/8.14.4) with ESMTP id pBJGlfsS049711 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 19 Dec 2011 11:47:41 -0500 (EST) (envelope-from lists@jnielsen.net) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Apple Message framework v1084) From: John Nielsen In-Reply-To: Date: Mon, 19 Dec 2011 11:47:36 -0500 Content-Transfer-Encoding: quoted-printable Message-Id: <3D195FF7-50F1-4955-9D27-CA249FC157E0@jnielsen.net> References: To: saeedeh motlagh , freebsd-net@freebsd.org X-Mailer: Apple Mail (2.1084) X-DCC-EATSERVER-Metrics: ns1.jnielsen.net 1166; Body=2 Fuz1=2 Fuz2=2 X-Virus-Scanned: clamav-milter 0.97.2 at ns1.jnielsen.net X-Virus-Status: Clean Cc: Subject: Re: vlan without ip address X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Dec 2011 17:03:42 -0000 On Dec 19, 2011, at 12:52 AM, saeedeh motlagh wrote: > you're right but we can't assign tow parent interface to one vlan in > freebsd therefore i define two vlans with the one vlan id. > although we can do it by blow command but it's not work too: > ifconfig gbeth0.10 create > ifconfig msk0.10 create > ifconfig > gbeth0.10: flags=3D8842 metric 0 = mtu 1500 > options=3D3 > ether 00:27:0e:03:4b:2f > media: Ethernet autoselect (1000baseT ) > status: active > vlan: 10 parent interface: gbeth0 > msk0.10: flags=3D8842 metric 0 = mtu 1500 > options=3D100 > ether 00:30:4f:63:5a:bc > media: Ethernet autoselect (none) > status: active > vlan: 10 parent interface: msk0 >=20 > you know when i define vlans with ip addressess they work as i = expected but > i want to know if i can define vlan without ip address as the switch > beacuse i wanna configure a freebsd box as a real switch in my = network. > maybe it's impossible to do that :( Take a few minutes to think out (and describe to us in detail if you = really want useful input) your network topology. What interfaces do you = have on the FreeBSD machine and what are they connected to? Which = interfaces should carry tagged traffic? Which interfaces should carry = untagged traffic? How many VLAN's exist? Which ones does the FreeBSD = machine care about? (i.e. which ones will it be tagging/untagging for?) = Traffic for other VLAN's can pass through the box but you don't need to = create VLAN interfaces for them. You need VLAN interfaces only for those = VLAN's where: The FreeBSD box itself should communicate on one or more = specific VLAN's (and/or provide services, etc) -OR- The FreeBSD box is sending/receiving untagged traffic on one or = more interfaces and should untag/tag it as needed for other hosts. Once you've got that figured out, configure your bridges and VLANs as = follows: Any physical interface that carries traffic for multiple VLAN's should = be considered a "trunk" port. Traffic on trunk ports is tagged. If you only have one trunk port, it shouldn't be in a bridge at all. If = you have more than one, all of your trunk ports should be members of a = single bridge (the "real" parent interfaces). If you don't want the FreeBSD box to do any tagging/untagging then = you're done. However it sounds like that is not the case.. Now create VLAN interfaces off of the trunk bridge (or interface if just = one) for only those VLAN's this machine cares about. For each VLAN that should do tagging/untagging for a physical interface, = create a NEW bridge device. Add to the bridge the untagged physical = interface(s) and the appropriate VLAN interface from the trunk. If the FreeBSD box itself needs to communicate on one or more specific = VLAN's, configure it to do so using the bridge device created for that = VLAN (if any) or the appropriate VLAN sub-interface of the trunk bridge = (if not shared with any untagged physical interfaces). In short, you should only have ONE trunk device, whether it's a bridge = or a single interface. You don't need to create a VLAN interface for = VLAN's this machine doesn't care about. ALL of the VLAN sub-interfaces = you do create should be children of the trunk device. VLAN's that have = untagged interfaces should be in their own bridges with those = interfaces. HTH, JN > On Sun, Dec 18, 2011 at 10:52 PM, Alexander Lunev = wrote: >=20 >> first of all, you should name and number you vlan same, if it's = clan10 >> on the one side, then it's vlan10 on the other side and in betweeen. >> then (though you have to do it first of all), you should understand >> how vlan's work, and after that connect ports to each other according >> to your scheme. >>=20 >>=20 >> -- >> your sweet isn't ready yet >>=20 >>=20 >>=20 >> On Sun, Dec 18, 2011 at 10:01 AM, saeedeh motlagh >> wrote: >>> i have 3 freebsd system: 0.28 , 0.25 and 0.12 which 28 is assumed to = be >>> switch here. one interface of 28 is connected to 25 and the other >> interface >>> of 28 is connected to 12. as mentioned below, i've defined two = vlan10 and >>> 11 with the same vlan id on the 28 and bridge them. >>> now i can't ping 0.25 from 0.12. what's wrong here? should i define >> vlan10 >>> on 12 and 25? >>> please tell me if i'm misunderstanding. >>> this is the ifconfig for 0.28: >>> vlan10: flags=3D8943 >> metric 0 >>> mtu 1500 >>> options=3D3 >>> ether 00:27:0e:03:4b:2f >>> media: Ethernet autoselect (1000baseT ) >>> status: active >>> vlan: 10 parent interface: gbeth0 >>> vlan11: flags=3D8943 >> metric 0 >>> mtu 1500 >>> options=3D100 >>> ether 00:30:4f:63:5a:bc >>> media: Ethernet autoselect (none) >>> status: active >>> vlan: 10 parent interface: msk0 >>> bridge0: flags=3D8843 metric = 0 mtu >>> 1500 >>> ether d6:c4:f6:0f:5e:4f >>> id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 >>> maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200 >>> root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 >>> member: vlan11 flags=3D143 >>> ifmaxaddr 0 port 6 priority 128 path cost 55 >>> member: vlan10 flags=3D143 >>> ifmaxaddr 0 port 5 priority 128 path cost 20000 >>>=20 >>>=20 >>> On Sat, Dec 17, 2011 at 8:47 PM, Alireza Torabi < >> alireza.torabi@gmail.com>wrote: >>>=20 >>>> =D9=8EAlso it's a good idea to to attach a ifconfig output. >>>>=20 >>>> On 12/17/11, saeedeh motlagh wrote: >>>>> when i do that, the vlan is defined but from a system in a vlan, i >> can't >>>>> ping the other one which is in the same vlan. so i think that the >> vlan is >>>>> not working. am i right? >>>>>=20 >>>>> On Sat, Dec 17, 2011 at 1:15 PM, Juli Mallett = >>>> wrote: >>>>>=20 >>>>>> You probably just need to do ifconfig vlanxxx up instead of >> assigning an >>>>>> IP. >>>>>>=20 >>>>>> On Sat, Dec 17, 2011 at 00:08, saeedeh motlagh >>>>>> wrote: >>>>>>> hi every body >>>>>>>=20 >>>>>>> i wanna configure a freebsd box as a switch. in order to do = that, i >>>>>> bridged >>>>>>> all my interfaces to have switching and it works fine. after = that i >>>> want >>>>>> to >>>>>>> have vlans on it. as you know, in a real switch, a vlan is >> configured >>>>>> just >>>>>>> by assigning a port to it without any additional configuration = and >>>> vlans >>>>>>> are submitted just by name. but in freebsd a vlan just works = when >> it >>>> has >>>>>> an >>>>>>> ip address (i think). when i define vlan121 on two freebsd = systems >>>> with >>>>>> ip >>>>>>> address it works fine but without ip address i don't know how it >>>> should >>>>>> be >>>>>>> worked. >>>>>>>=20 >>>>>>> can sombody tell me if it is possible to simulate vlans in = freebsd >> as >>>>>> they >>>>>>> are in a real switch? i mean can we have vlans without ip = addresses >>>>>>> which >>>>>>> works fine? maybe some kind of vlan which works by MAc address. = is >> it >>>>>>> possible? >>>>>>> it's so necessary for me to do that:( >>>>>>>=20 >>>>>>> yours, >>>>>>> motlagh >>>>>>> _______________________________________________ >>>>>>> freebsd-net@freebsd.org mailing list >>>>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net >>>>>>> To unsubscribe, send any mail to " >> freebsd-net-unsubscribe@freebsd.org >>>> " >>>>>>=20 >>>>> _______________________________________________ >>>>> freebsd-net@freebsd.org mailing list >>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net >>>>> To unsubscribe, send any mail to = "freebsd-net-unsubscribe@freebsd.org >> " >>>>>=20 >>>>=20 >>> _______________________________________________ >>> freebsd-net@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-net >>> To unsubscribe, send any mail to = "freebsd-net-unsubscribe@freebsd.org" >>=20 > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >=20