From: "Dave Raven"
To: "'Peter Wood'"
Date: Thu, 12 Jan 2006 15:40:39 +0200
Cc: freebsd-questions@freebsd.org
Subject: RE: Bridging a Cisco Trunk

Hi Peter and list,

I am unfortunately using 4.x - but it should work fine as far as my understanding is. I'm not sure why it isn't working, but if I bridge em0 and em1 (my two interfaces) the cisco switches can ping each other. The problem is that anything inside the vlan being trunked doesn't go through.

Now I have tried your setup below and created the vlans and bridged them, which didn't work, but I don't understand the need for the vlans to be created anyway. Surely I should be able to just transparently bridge any traffic that comes from the one side through to the other, and it should work fine? I don't need to communicate on the vlan, just bridge anything that comes through...

If I do have to add vlan0,vlan1 to a bridge that's also fine - but at the moment it's not working.

Thanks for the help
Dave

-----Original Message-----
From: Peter Wood [mailto:peter@alastria.net]
Sent: 11 January 2006 08:29 PM
To: Dave Raven
Cc: freebsd-questions@freebsd.org
Subject: Re: Bridging a Cisco Trunk

Dave,

> I have two cisco switches, configured to put ports 2-6 on each of
> them into vlan 100. Then I have port 1 on both set to trunk between the two
> switches. If I have a device on port 2 on switch1 it can ping a device on
> port 2 on switch2.

I do this quite often, and it works very well on 6.0 for me. You haven't mentioned what version you're using, but I will assume you have if_bridge. If you don't and you're gonna use this machine a lot for bridging, I'd recommend moving to 6.0.

So presumably, you have two interfaces, plugged into the trunk port on each cisco. For argument's sake, we'll say you have an fxp0 and fxp1.

So first step is you need to make sure these two interfaces are "up", very important, if they aren't, then it won't work. It's easy to forget if you aren't assigning IPs to them.

Remove "polling" if you don't have it compiled into the kernel, but again if you're gonna be bridging packets a lot, get it compiled in. It helps.... a lot.

    ifconfig_fxp0="up polling"
    ifconfig_fxp1="up polling"

Now create the vlans (and the bridge for later on).

    cloned_interfaces="vlan0 vlan1 bridge0"
    ifconfig_vlan0="vlan 100 vlandev fxp0 up"
    ifconfig_vlan1="vlan 100 vlandev fxp1 up"

In the above please note the "up"s, if they aren't up then it won't bridge.

Now set up the bridge, again noticing the "up".

    ifconfig_bridge0="addm vlan0 addm vlan1 up"

It should now be working, watch the kernel console and the cisco's logs to see if there are any mismatches or bridging loops.

It also seems that you have to put the "up" at the end of these commands, it took an hour of debugging last night after I had put the up at the start of the ifconfig_vlan lines.

Give it a go, send a reply to both me and the list if you are still stuck,

Pete.

--
Peter Wood ::
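
An added example, not part of the original messages: a POSIX shell lint for the rc.conf lines in Pete's reply. It flags vlan/bridge interfaces missing from cloned_interfaces, lines where "up" is not the last word (his observation), and vlandev parents or bridge members that are not up. The function names and the broken sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint an rc.conf fragment read from stdin (or named files).
# Prints one line per problem; returns 0 when none are found.
check_bridge_conf() {
    awk -F'"' '
    function has_up(s)  { return (" " s " ") ~ / up / }   # up as a whole word
    function ends_up(s) { return s ~ /(^| )up *$/ }       # up is the last word
    function fail(msg)  { print msg; bad++ }
    /^cloned_interfaces=/ {
        n = split($2, c, " ")
        for (i = 1; i <= n; i++) cloned[c[i]] = 1
    }
    /^ifconfig_[A-Za-z0-9]+=/ {
        name = $1
        sub(/^ifconfig_/, "", name); sub(/=$/, "", name)
        conf[name] = $2
    }
    END {
        for (name in conf) {
            if (name !~ /^(vlan|bridge)/) continue
            if (!(name in cloned)) fail(name ": not in cloned_interfaces")
            if (!ends_up(conf[name])) fail(name ": up is not the last word")
            # Every vlandev parent and every addm member must itself be up.
            n = split(conf[name], t, " ")
            for (i = 1; i < n; i++) {
                if (t[i] != "vlandev" && t[i] != "addm") continue
                dep = t[i + 1]
                if (!(dep in conf)) fail(name ": " dep " has no ifconfig_ line")
                else if (!has_up(conf[dep])) fail(name ": " dep " is not up")
            }
        }
        exit (bad > 0)
    }' "$@"
}

# Constructed input: the configuration from the message, with "up" moved to
# the front of the vlan1 line and left off fxp1.
sample_broken_conf() {
    cat <<'EOF'
ifconfig_fxp0="up polling"
ifconfig_fxp1="polling"
cloned_interfaces="vlan0 vlan1 bridge0"
ifconfig_vlan0="vlan 100 vlandev fxp0 up"
ifconfig_vlan1="up vlan 100 vlandev fxp1"
ifconfig_bridge0="addm vlan0 addm vlan1 up"
EOF
}

sample_broken_conf | check_bridge_conf || echo "rc.conf fragment needs fixing"
```

Run against a real file with `check_bridge_conf /etc/rc.conf`; the lint reads the file as text and does not source it.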