From owner-freebsd-net@FreeBSD.ORG Thu Jul 3 15:01:11 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 47AF337B401 for ; Thu, 3 Jul 2003 15:01:11 -0700 (PDT) Received: from www.ambrisko.com (adsl-64-174-51-42.dsl.snfc21.pacbell.net [64.174.51.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 61A5744033 for ; Thu, 3 Jul 2003 15:01:10 -0700 (PDT) (envelope-from ambrisko@www.ambrisko.com) Received: from www.ambrisko.com (localhost [127.0.0.1]) by www.ambrisko.com (8.12.8p1/8.12.8) with ESMTP id h63M0YO7088407; Thu, 3 Jul 2003 15:00:34 -0700 (PDT) (envelope-from ambrisko@www.ambrisko.com) Received: (from ambrisko@localhost) by www.ambrisko.com (8.12.8p1/8.12.8/Submit) id h63M0YcL088406; Thu, 3 Jul 2003 15:00:34 -0700 (PDT) (envelope-from ambrisko) From: Doug Ambrisko Message-Id: <200307032200.h63M0YcL088406@www.ambrisko.com> In-Reply-To: To: Julian Elischer Date: Thu, 3 Jul 2003 15:00:34 -0700 (PDT) X-Mailer: ELM [version 2.4ME+ PL94b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Suggesting for fixing VLAN bridging the right way X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jul 2003 22:01:11 -0000 Julian Elischer writes: | how does netgraph bridging do? I'm actually using netgraph bridging sort-of, kind-of. Since I don't care about loops and I'm only connecting to interfaces together I just doing ngctl connect vlan0: rl0: lower lower with the setpromisc, setautosrc etc. Luigi's bridging had the same issue. This is actually a simple test case. What I'm doing it actually more complicated for our product VLAN testing. With this hack now my test stuff works (I do a IP re-map to do a poor man's virtualization of the network stack ... which by the way I tried out the latest virtual network stuff. It sort-of worked but ran into some bugs and quirks). So this is a fundamental bug, in which the packets from the NIC don't make it to the vlan SW layer and things break. I guess I didn't explain that part well based on some other questions I got. You also have to set the NIC in promiscous mode as well. Seems like if you configure a VLAN and modes those things should get enabled on the base NIC. Granted it could get funky with HW VLAN support. It strange since I don't ifconfig the NIC but I always have to do an 'ifconfig up' to make the VLAN work at all. That's a little odd. Also you can see the bug via tcpdumps. You see the packets come in on the NIC but never make to the vlan iface. Doug A. | On Thu, 3 Jul 2003, Doug Ambrisko wrote: | | > I'm trying to bridge VLAN traffic to network that doesn't have that VLAN, | > something like: | > (vlan network) -> fxp0 -> vlan0 <- FreeBSD bridge -> rl0 (no tag) | > | > Both of the networks are the same except one side is tagged the other | > has no tag. | > | > It works fine in the "no tag" -> "tag" direction. It fails in the | > "tag" -> "no tag" direction since ether_demux we bail out on this | > check: | > if (!(BDG_ACTIVE(ifp))) { | > /* | > * Discard packet if upper layers shouldn't see it because it | > * was unicast to a different Ethernet address. If the driver | > * is working properly, then this situation can only happen | > * when the interface is in promiscuous mode. | > */ | > if ((ifp->if_flags & IFF_PROMISC) != 0 | > && (eh->ether_dhost[0] & 1) == 0 | > && bcmp(eh->ether_dhost, | > IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0 | > && (ifp->if_flags & IFF_PPROMISC) == 0) { | > m_freem(m); | > return; | > } | > } | > | > since it doesn't consider VLAN tagged packets coming in the headers | > won't match this paradigm so the packets get through out. I did a quick | > hack and changed it to: | > if (!(BDG_ACTIVE(ifp))) { | > /* | > * Discard packet if upper layers shouldn't see it because it | > * was unicast to a different Ethernet address. If the driver | > * is working properly, then this situation can only happen | > * when the interface is in promiscuous mode. | > */ | > if ((ifp->if_flags & IFF_PROMISC) != 0 | > && (eh->ether_dhost[0] & 1) == 0 | > && bcmp(eh->ether_dhost, | > IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0 | > && (ifp->if_flags & IFF_PPROMISC) == 0) { | > /* | > * Let VLAN packets go to the SW VLAN node needed for | > * bridging | > */ | > if (! (vlan_input_p != NULL | > && ntohs(eh->ether_type) == ETHERTYPE_VLAN )) { | > m_freem(m); | > return; | > } | > } | > } | > | > That makes it work. I rather doubt this is the right solution. | > | > Suggestions greatly appreciated. This issue is in -current and -stable. | > | > Thanks, | > | > Doug A. | > _______________________________________________ | > freebsd-net@freebsd.org mailing list | > http://lists.freebsd.org/mailman/listinfo/freebsd-net | > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" | > |