Date: Wed, 30 Jan 2008 15:22:58 +0000 From: Tom Judge <tom@tomjudge.com> To: Alexandre Biancalana <biancalana@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: VLAN problems Message-ID: <47A09652.5070103@tomjudge.com> In-Reply-To: <8e10486b0801300610jf0b3f88tc3c06dab76268917@mail.gmail.com> References: <8e10486b0801290439y77568aeby6c6dbfbb5132f61d@mail.gmail.com> <479F4C3C.5070801@tomjudge.com> <8e10486b0801290842l5d65bb3fk8a02d731c3ad1b91@mail.gmail.com> <479F7C7A.5080605@tomjudge.com> <8e10486b0801291438n51ca5bcdue2d7ef531ffefaae@mail.gmail.com> <47A07525.9080201@tomjudge.com> <8e10486b0801300610jf0b3f88tc3c06dab76268917@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.
--------------020500070408080304020907
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Alexandre Biancalana wrote:
> On 1/30/08, Tom Judge <tom@tomjudge.com> wrote:
>
> ....
>
>>>> Do you have any error messages on the console in dmesg? ('cannot pad
>>>> short frame', 'unable to prepend vlan header' for example).
>>> no :(
>> Sorry I'm fresh out of ideas now... Unless you could be should of ram
>> what does netstat -m look like? Also you could look at changing
>> if_vlan.c to print the error number of the error if IFQ_HANDOFF fails.
>
> Me too... This should be much simple... I can't imagine why so much
> trouble in this configuration, I have a similar setup with linux :(
> and have no problem at all...
>
> # netstat -m
> 938/2347/3285 mbufs in use (current/cache/total)
> 936/1860/2796/32768 mbuf clusters in use (current/cache/total/max)
> 936/1860 mbuf+clusters out of packet secondary zone in use (current/cache)
> 0/0/0/0 4k (page size) jumbo clusters in use (current/cache/total/max)
> 0/0/0/0 9k jumbo clusters in use (current/cache/total/max)
> 0/0/0/0 16k jumbo clusters in use (current/cache/total/max)
> 2109K/4306K/6415K bytes allocated to network (current/cache/total)
> 0/3/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters)
> 0/0/0 requests for jumbo clusters denied (4k/9k/16k)
> 0/7/4544 sfbufs in use (current/peak/max)
> 0 requests for sfbufs denied
> 0 requests for sfbufs delayed
> 0 requests for I/O initiated by sendfile
> 229 calls to protocol drain routines
>
Cant see any issues here.
>
> Is the vlan solution designed to work with multiple concurrent 100M
> networks using the same Gbit interface ? or Am I thinking in a wrong ?
>
> I want to have a central firewall in my network, filtering ALL the
> traffic between ALL internal networks and external links. I already
> done that using physical nics, ( I had one machine with 8 nic) but now
> I have one machine with 2 gigabit nics and want to configure multiple
> vlan on top this for the internal networks and external links.
>
> Am I wrong to think that this should work ??
The concepts and configuration seems fine to me.
Do you by any change have Q-in-Q enabled anywhere on your network?
Could you try this patch (attached) to see what error you are getting
from IFQ_HANDOFF? (you will need to apply if from in sys/net and
rebuild your kernel or vlan module).
Tom
--------------020500070408080304020907
Content-Type: text/x-patch;
name="if_vlan.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="if_vlan.patch"
--- if_vlan.c.orig 2008-01-30 15:09:46.000000000 +0000
+++ if_vlan.c 2008-01-30 15:20:29.000000000 +0000
@@ -864,10 +864,12 @@
* We are already running at splimp.
*/
IFQ_HANDOFF(p, m, error);
- if (!error)
+ if (!error) {
ifp->if_opackets++;
- else
+ } else {
ifp->if_oerrors++;
+ if_printf(ifp, "error during IFQ_HANDOFF: %d\n", error);
+ }
}
}
--------------020500070408080304020907--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47A09652.5070103>