From: "Brian A. Seklecki"
To: Graham Smith
Cc: freebsd-net@freebsd.org
Subject: Re: native vlan
Date: Mon, 31 Aug 2009 18:20:07 -0400
Message-Id: <1251757207.25573.1794.camel@soundwave.ws.pitbpa0.priv.collaborativefusion.com>
List-Id: Networking and TCP/IP with FreeBSD

On Mon, 2009-08-24 at 12:12 -0700, Graham Smith wrote:
> requiring creation of native vlan (vlan 0) and why native vlan are
> most suitable for this scene ?

Cisco highly recommends changing the management VLAN away from VLAN1.

Here's an example of using alternative native VLANs, ironically, on the one Cisco product that doesn't follow that VLAN1-rule.

On the Cisco Aironet AP 1200, you can run a Dot1Q VLAN trunk to map X-number of different ESSIDs-to-VLANs. You do this by setting the "bridge-group" of the Ethernet subinterface and the Dot11Radio subinterfaces to the same VLAN that you would like to bridge.

Whereas, management traffic (monitoring, etc.) has to run on "BVI1", or Bridged Virtual Interface 1, which must transmit untagged on Ethernet0. This stipulation is set by the Bridging IOS on the AP1200.

If your management VLAN is something other than VLAN1 (god forbid), you simply set the "native VLAN" on that Dot1Q trunk port on the Catalyst to some other VLAN