Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 13 Mar 2012 09:27:16 -0700 (PDT)
From:      Doug Ambrisko <ambrisko@ambrisko.com>
To:        saeedeh motlagh <saeedeh.motlagh@gmail.com>
Cc:        h bagade <bagadeh@gmail.com>, freebsd-net <freebsd-net@freebsd.org>
Subject:   Re: problem with vlan interfaces tagging/untagging in a simulated switch box
Message-ID:  <201203131627.q2DGRGlk056510@ambrisko.com>
In-Reply-To: <CAN%2BS=WA-m5uDH1OUTp7pYqSMuhvhU=07wGBjeBZSD-DVFbmSRw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
saeedeh motlagh writes:
| i think i have similar problem too. you want to have tagged and
| untagged traffic at the same time on the trunk port, right?
| in your topology the vlans and trunk port are bridged and the tagged
| traffic is passed through the trunk port and every thing works fine.
| then  when you want to have the untagged traffic on the trunk port,
| you bridge an interface with trunk port directly. after that all the
| traffic which is received on the trunk port, are sent to this
| interface and vlans receive no packet.
| 
|                  eth0 -+
|                        |
|                  eth1 -+ --- bridge1 --- vlan9 --+-- eth4  -----
|                                                                               |
|                 eth2 -+ --- bridge2 --- vlan8 --+ --------+
|
|                 eth3 -+ ------------ bridge3 ----------------+
| 
| please let me know if i understand what you exactly mean.
| yours,

I think part of the problem with the standard code paths unless 
you use netgraph is that the vlan SW stack transmits directly to 
the NIC and skips the bridge.  This code is in vlan_start of
sys/net/if_vlan.c.  There is a comment that says:
	Send it, precisely as ether_output() would have.

Also this would only work with SW VLAN and not HW assist VLAN.
So I have two changes, disable HW assist VLAN and to re-insert
the VLAN packet into the ether_output just before the bridge.
I ended up splitting ether_output into 2 function so I could
call the end part of ether_output from vlan_start.  I also had
a trivial change to allow VLAN in VLAN.  I don't really have
to use this code now so I've dropped some of it.  I did it for
testing.  Now I plan to create the same test environment using
the vimage work since it is cleaner and easier to understand.

My suggestion would be to create a netgraph solution since it
shouldn't have these limitations.  It's probably what I would
have done if netgraph had this as the time.

Doug A.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201203131627.q2DGRGlk056510>