From owner-freebsd-net@FreeBSD.ORG Wed Jul 30 09:26:40 2014 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5B8258E7 for ; Wed, 30 Jul 2014 09:26:40 +0000 (UTC) Received: from pandora.amnic.net (pandora.amnic.net [IPv6:2001:67c:21c:a610::11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 091F52238 for ; Wed, 30 Jul 2014 09:26:40 +0000 (UTC) Received: from ran by pandora.amnic.net with local (Exim 4.83 (FreeBSD)) (envelope-from ) id 1XCQ9Y-00090I-HL; Wed, 30 Jul 2014 13:26:32 +0400 Subject: Re: FreeBSD 10.0-R connected to Cisco switch (in 'trunk' mode with native VLAN) - doesn't work? In-Reply-To: To: Karl Pielorz Date: Wed, 30 Jul 2014 13:26:32 +0400 (AMT) From: Hrant Dadivanyan Reply-To: Hrant Dadivanyan X-PGP: https://amnic.net/pgpkeys/hrant.asc X-NCC-RegID: am.isoc X-Mailer: ELM [version 2.4ME+ PL126 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="UTF-8" Message-Id: Sender: Hrant Dadivanyan Cc: freebsd-net@FreeBSD.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Jul 2014 09:26:40 -0000 > > Hi, > > I've got a Cisco 3750X switch a colleague is setting up. We've got this > configured - but it doesn't seem to talk nicely to our FBSD 10.0-R box, > looks like some kind of VLAN issue (but shouldn't be). > > > Switch side - the port is configured with: > > switchport trunk encapsulation dot1q > switchport trunk native vlan 2000 > switchport trunk allowed vlan 2000,2200-2300 > switchport mode trunk > Hi Karl, I'm not sure whether it's on by default, but many Cisco switches (including all in 3750 family) can tag native vlan, so no a packet will leave ports untagged. no vlan dot1q tag native in configuration mode will switch this off. Thank you, Hrant > > >From what I understand this tells the Cisco to present all the 'allowed' > VLAN's to the port, and that untagged traffic traversing the port should be > sent/received as VLAN 2000? > > So, we connect our BSD box and do: > > ifconfig bge0 inet 192.168.100.10 netmask 255.255.255.0 > > But we can't ping another host connected on the network, on '192.168.100.1'. > > The above ifconfig uses no VLAN spec, but that should be covered by the > 'trunk native vlan'? > > > The only way we can fix this - is to take the system 'as-is' and change the > Cisco port to: > > switchport mode access > switchport access vlan 2000 > > This sets the port to be 1 VLAN only, and sets that VLAN to VLAN 2000 - so > traffic traversing the port will be untagged, but carried as part of VLAN > 2000. > > I've been told in theory the bottom config should be the 'same' as the > previous one (i.e. untagged traffic is treated as VLAN 2000). > > But with the top config - the BSD box can't connect anywhere, with the > bottom config (with the BSD box setup the same) - it can. > > > Presuming someone here has used Cisco kit with FreeBSD - can anyone see why > the top config doesn't work? - The guy setting up the switches says he > always uses the top config - and hasn't had an issue with it, but this > obviously doesn't work with our FreeBSD boxes. > > I would say we'd try it with a different O/S but at the moment, all the kit > on 'our' side is FreeBSD based... > > > Cheers, > > -Karl > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" -- Hrant Dadivanyan (aka Ran d'Adi) hrant(at)dadivanyan.net /* "Feci quod potui, faciant meliora potentes." */ ran(at)psg.com