Date: Thu, 21 Aug 2003 13:44:38 -0300 From: "Daniel C. Sobral" <dcs@tcoip.com.br> To: Doug Ambrisko <ambrisko@ambrisko.com> Cc: freebsd-net@freebsd.org Subject: Re: CFR: bridge locking Message-ID: <3F44F6F6.9090606@tcoip.com.br> In-Reply-To: <200308210336.h7L3adqP091151@ambrisko.com> References: <200308210336.h7L3adqP091151@ambrisko.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Doug Ambrisko wrote: > Daniel C. Sobral writes: > | If you get bridge to send/receive packets to/from vlan interfaces > | attached to them, I'll be forever grateful. > | > | I've been trying to configure a setup where a firewall is connected to > | redundant switches, but no solution I found could handle the vlan > | attachments. :-( > > I assuming you are using SW VLANs then you need this. There is supposed > to be work to fix this correctly in progress but this works for > me when bridging VLANs. This didn't work for me. I don't know if I'm using SW or HW vlans. But since I can see the vlan packets with tcpdump, I tend to believe it would be SW vlans. The test I'm doing is the following: kldload bridge sysctl net.link.ether.bridge=1 sysctl net.link.ether.bridge_cfg="fxp1 fxp3" ifconfig fxp1 up ifconfig fxp3 up ifconfig vlan0 create ifconfig vlan0 vlan 999 vlandev fxp1 ifconfig vlan0 200.220.254.190/26 On the switch side, the port connected to fxp1 is down and the one connected to fxp3 is up. Next, I ping all around. What I see with your patch is: ARP packets received on fxp3 go to fxp1 but not vlan0. ARP packets sent through vlan0 go to fxp1 but not fxp3. This is 4.7-RELEASE. The patch did not apply cleanly, but I went through it and fixed all failed chunks. (yes, this is pretty much like the other message I sent -- the results were the same, but then I wondered if I hadn't made an error in one of the above steps and went back to test it again, so, in the mean time, I copied the above to the other message, adjusted, and set that reply. :) > > Doug A. > > Index: net/if_ethersubr.c > =================================================================== > RCS file: /cvs/src/sys/net/if_ethersubr.c,v > retrieving revision 1.70.2.33 > diff -c -r1.70.2.33 if_ethersubr.c > *** net/if_ethersubr.c 28 Apr 2003 15:45:53 -0000 1.70.2.33 > --- net/if_ethersubr.c 21 Aug 2003 03:31:09 -0000 > *************** > *** 667,674 **** > && bcmp(eh->ether_dhost, > IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0 > && (ifp->if_ipending & IFF_PPROMISC) == 0) { > ! m_freem(m); > ! return; > } > > /* Discard packet if interface is not up */ > --- 667,681 ---- > && bcmp(eh->ether_dhost, > IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0 > && (ifp->if_ipending & IFF_PPROMISC) == 0) { > ! /* > ! * Let VLAN packets go to the SW VLAN node needed for > ! * bridging > ! */ > ! if (! (ntohs(eh->ether_type) == ETHERTYPE_VLAN > ! && vlan_input_p != NULL)) { > ! m_freem(m); > ! return; > ! } > } > > /* Discard packet if interface is not up */ -- Daniel C. Sobral (8-DCS) Gerencia de Operacoes Divisao de Comunicacao de Dados Coordenacao de Seguranca VIVO Centro Oeste Norte Fones: 55-61-313-7654/Cel: 55-61-9618-0904 E-mail: Daniel.Capo@tco.net.br Daniel.Sobral@tcoip.com.br dcs@tcoip.com.br Outros: dcs@newsguy.com dcs@freebsd.org capo@notorious.bsdconspiracy.net "man hier" will explain the way FreeBSD filesystems are normally laid out. -- David Scheidt <dscheidt@tumbolia.com>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F44F6F6.9090606>