From owner-freebsd-net@FreeBSD.ORG  Tue May 23 20:21:37 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2287116AAAA
	for <freebsd-net@freebsd.org>; Tue, 23 May 2006 20:21:37 +0000 (UTC)
	(envelope-from mjeung@cisdata.net)
Received: from dagobah.cisdata.net (dagobah.cisdata.net [63.82.223.109])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E67BA43D45
	for <freebsd-net@freebsd.org>; Tue, 23 May 2006 20:21:36 +0000 (GMT)
	(envelope-from mjeung@cisdata.net)
Received: from adsl-69-237-115-101.dsl.scrm01.pacbell.net ([69.237.115.101]
	helo=[192.168.45.151])
	by dagobah.cisdata.net with esmtp (Exim 4.52 (FreeBSD))
	id 1FidNp-000DIv-Ns
	for freebsd-net@freebsd.org; Tue, 23 May 2006 13:21:37 -0700
Mime-Version: 1.0 (Apple Message framework v750)
Content-Transfer-Encoding: 7bit
Message-Id: <F939FFD1-77C9-4488-8189-BD0CE442EB9D@cisdata.net>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
To: freebsd-net@freebsd.org
From: Michael Jeung <mjeung@cisdata.net>
Date: Tue, 23 May 2006 13:23:02 -0700
X-Mailer: Apple Mail (2.750)
Subject: Redundant Trunked VLANs Revisited
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 May 2006 20:21:47 -0000

Regarding: http://lists.freebsd.org/pipermail/freebsd-net/2004-March/ 
003210.html

I'm trying to implement a similar solution, but instead of using  
ng_bridge, I'm using ng_one2many.

sw1--em0--\                                  /--default(ng_eiface)-- 
ngeth0
   |        multi0(ng_one2many)--vlt0(ng_vlan)--vlan10(ng_eiface)-- 
ngeth1
sw2--em1--/                                  \--vlan20(ng_eiface)-- 
ngeth2

Here's my netgraph script:

#!/bin/sh
# Configure NICs as up and load kernel module
ifconfig em0 up
ifconfig em1 up

kldload ng_ether.ko

# Plumb nodes together
ngctl -f- << EOF
mkpeer em0: one2many upper one
name em0:upper multi0
connect em0: multi0: lower many0
connect em1: multi0: lower many1

# Allow em1 to xmit/recv em0 frames
msg em1: setpromisc 1
msg em1: setautosrc 0
msg em0: setpromisc 1
msg em0: setautosrc 0

# Reconnect the one hook to the vlan interface (vlt0)
rmhook multi0: one
mkpeer multi0: vlan one downstream
name multi0:one vlt0

# VLAN Default (ngeth0)
mkpeer vlt0: eiface nomatch ether
name vlt0:nomatch default

# VLAN 10 (ngeth1)
mkpeer vlt0: eiface vlan10 ether
msg vlt0: addfilter { vlan=10 hook="vlan10" }
name vlt0:vlan10 vlan10

# VLAN 20 (ngeth2)
mkpeer vlt0: eiface vlan20 ether
msg vlt0: addfilter { vlan=20 hook="vlan20" }
name vlt0:vlan20 vlan20
EOF

# Configure all links as up, set xmit/failover policy
ngctl msg multi0: setconfig "{ xmitAlg=1 failAlg=2 enabledLinks=[ 1  
1 ] }"

# Assign IP and default route
ifconfig ngeth0 inet 192.168.45.70 netmask 255.255.255.0
ifconfig ngeth1 inet 192.168.10.70 netmask 255.255.255.0
ifconfig ngeth2 inet 192.168.20.70 netmask 255.255.255.0
route add default 192.168.45.1


It seems to be working pretty well, but something that's confusing me  
is this:  When I go and put IP addresses on ngeth0, ngeth1 and ngeth2  
I can ping those IP addresses without much difficulty.  However, by  
default, the mac addresses for these virtual interfaces are all  
zeroed out (See below).  Plus, when I go into the switch and search  
for the IP addresses, I can't find the MAC addresses associated with  
them -- even though I can ping them!  How can I ping an IP address  
that doesn't have a MAC address associated with it in the switch?

ngeth0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
         inet 192.168.45.70 netmask 0xffffff00 broadcast 192.168.45.255
         ether 00:00:00:00:00:00
ngeth1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
         inet 192.168.10.70 netmask 0xffffff00 broadcast 192.168.10.255
         ether 00:00:00:00:00:00
ngeth2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
         inet 192.168.20.70 netmask 0xffffff00 broadcast 192.168.20.255
         ether 00:00:00:00:00:00

Also, I'm sort of new at working with netgraph so if you spot  
anything weird with my script, I'd really like to know. =)  I'll  
probably be putting this up onto a non-critical production machine in  
a few days.

Thanks,
Michael Jeung