From owner-freebsd-net@FreeBSD.ORG  Thu Feb 24 10:00:09 2011
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 376E4106566B
	for <freebsd-net@freebsd.org>; Thu, 24 Feb 2011 10:00:09 +0000 (UTC)
	(envelope-from crapsh@monkeybrains.net)
Received: from lavash.monkeybrains.net (mail.monkeybrains.net [208.69.40.9])
	by mx1.freebsd.org (Postfix) with ESMTP id 096138FC15
	for <freebsd-net@freebsd.org>; Thu, 24 Feb 2011 10:00:08 +0000 (UTC)
Received: from [10.17.45.101] (adsl-76-192-129-143.dsl.pltn13.sbcglobal.net
	[76.192.129.143]) (authenticated bits=0)
	by lavash.monkeybrains.net (8.14.4/8.14.4) with ESMTP id p1O9egOE083536
	(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO)
	for <freebsd-net@freebsd.org>; Thu, 24 Feb 2011 01:40:42 -0800 (PST)
	(envelope-from crapsh@monkeybrains.net)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=monkeybrains.net;
	s=monkey; t=1298540443;
	bh=0B2xYv5VZaNaHOfnzy/WVMeLPfFOotNk5IUxB5RjwUw=;
	h=Message-ID:Date:From:MIME-Version:To:Subject:Content-Type:
	Content-Transfer-Encoding;
	b=ZPtn7ZHWVp7fuIDwNzw6Q6ptt4DbVuXdjsDXZPLntgH5QsCIq683rSwwXT8txgrSq
	t6tCboA2/Jw34k8GgInTbWuF2LQFlHMuonNg7s6dfB6c/wopQSgVJSJReV4LAwkUGJ
	uPUDJRPb8CnkZKuL4EUDhhwPhcRBAkNvon6Hk6qw=
Message-ID: <4D66279F.1000205@monkeybrains.net>
Date: Thu, 24 Feb 2011 01:40:47 -0800
From: Rudy <crapsh@monkeybrains.net>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;
	rv:1.9.2.11pre) Gecko/20100928 Shredder/3.1.5pre
MIME-Version: 1.0
To: freebsd-net@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 0.96.5 at lavash.monkeybrains.net
X-Virus-Status: Clean
Subject: bridges with vlan member -- unicast?
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Feb 2011 10:00:09 -0000


Is anyone bridging a bunch (20+) vlans onto one bridge0?
My goal is to do what the HandBook says I can do:
The customers are completely isolated from each other, the full /24
address range can be allocated without subnetting.
http://www.freebsd.org/doc/handbook/network-bridging.html#AEN40688

Last time I tried this (8.1) I got a bunch of unicast flooding and it
busted my network.  I'd like to see a 'nounicast' flag for bridge members...

Say, I've never looked into it, but do unicast floods go to a broadcast
mac address (eg FF:FF:FF:FF:FF:FF) that I could block via layer2?
more on Unicast Flooding:
 http://packetlife.net/blog/2010/jun/4/blocking-unknown-unicast-flooding/

Rudy