From: Mike Tancsa
To: xavier.humbert@groumpf.org (Xavier HUMBERT), freebsd-net@freebsd.org
Date: Mon, 23 Aug 2010 15:32:59 -0400
Subject: Re: Inter-vlan routing problem

At 12:34 PM 8/23/2010, Xavier HUMBERT wrote:
>Mike Tancsa wrote:
>
> > I don't understand, why is 10.75.2.1 going out your default interface
> > ? It should look for packets on the same subnet that the vlan3
> > interface is on
>
>Errrr.... According to the interfaces status and the routing table,
>this is the case, or do I misunderstand your question ?

The traceroute you showed was going out the default gateway. I guess
that was a workstation on just one subnet. Let's start with the
obvious, you have
sysctl -a net.inet.ip.forwarding
set to one right ?

> > Can you do an
> > arp -na
> > and
> > netstat -Wnra
> >
>
>[root@gateway ~]# arp -na
>? (10.75.3.251) at 00:e0:81:2d:62:3e on vlan4 permanent [vlan]
>? (10.75.3.254) at 08:00:71:03:f1:0f on vlan4 expires in 1192 seconds [vlan]
>? (10.75.3.252) at 00:1a:a0:12:9a:a1 on vlan4 expires in 850 seconds [vlan]
>? (10.75.2.1) at 00:12:ef:42:3c:f3 on vlan3 expires in 848 seconds [vlan]
>? (10.75.2.5) at 00:1b:25:5f:58:5d on vlan3 expires in 432 seconds [vlan]

OK, you see MAC addresses from the other devices and they seem to be
on the correct interfaces. You can ping them right ? They all have
you as the default gateway ?

e.g. if you do
ping -S 102.168.0.251 192.168.0.254
ping -S 10.75.2.251 192.168.0.254

do both work ? Does 192.168.0.254 have 192.168.0.251 as the default
gateway ?

        ---Mike

> > On the nortel switch, are you sure you have it on the equiv of a
> > "trunk" port? Is there a way to see what MAC addresses the switch
> > sees as part of what VLAN ?
>
>No, there is no "trunk" ports. The term trunk is used by Nortel for MLT. And,
>precisely, that's what "show mac-address-table" displays : the MLT table. The
>port I'm connected to is simply a port shared by all Vlans.

OK, but the port will tag all the packets leaving it with the correct
vlan right ? Some switches offer a "hybrid" mode where the packets all
exit the port untagged. But based on your arp table, this does not
seem to be the case which is good.

        ---Mike

--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
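
Added example, not part of the message above or of the thread: a Python check of the `arp -na` output quoted in the message that flags neighbours learned on a VLAN interface outside that VLAN's subnet, which is what the ARP table is being read for when judging whether the switch port tags frames correctly. The /24 prefixes and the last sample entry (10.75.2.9 on vlan4) are constructed assumptions; the thread does not give the netmasks.

```python
import ipaddress
import re

# The arp -na lines quoted in the thread, plus one constructed entry
# (10.75.2.9 on vlan4) to show what a mis-tagged neighbour looks like.
SAMPLE_ARP = """\
? (10.75.3.251) at 00:e0:81:2d:62:3e on vlan4 permanent [vlan]
? (10.75.3.254) at 08:00:71:03:f1:0f on vlan4 expires in 1192 seconds [vlan]
? (10.75.3.252) at 00:1a:a0:12:9a:a1 on vlan4 expires in 850 seconds [vlan]
? (10.75.2.1) at 00:12:ef:42:3c:f3 on vlan3 expires in 848 seconds [vlan]
? (10.75.2.5) at 00:1b:25:5f:58:5d on vlan3 expires in 432 seconds [vlan]
? (10.75.2.9) at 00:11:22:33:44:55 on vlan4 expires in 60 seconds [vlan]
"""

# Assumption: /24 masks; the thread shows addresses but not netmasks.
EXPECTED = {
    "vlan3": ipaddress.ip_network("10.75.2.0/24"),
    "vlan4": ipaddress.ip_network("10.75.3.0/24"),
}

ARP_RE = re.compile(
    r"^\S+ \((?P<ip>[0-9.]+)\) at (?P<mac>[0-9a-f:]{17}|\(incomplete\)) "
    r"on (?P<ifname>\S+)"
)

def parse_arp(text):
    """Return (ip, mac, ifname) tuples; mac is None for unresolved entries."""
    entries = []
    for line in text.splitlines():
        m = ARP_RE.match(line.strip())
        if not m:
            continue  # skip anything that is not an ARP entry line
        mac = None if m["mac"] == "(incomplete)" else m["mac"]
        entries.append((ipaddress.ip_address(m["ip"]), mac, m["ifname"]))
    return entries

def audit(entries, expected):
    """List neighbours on an unexpected VLAN interface or never resolved."""
    findings = []
    for ip, mac, ifname in entries:
        net = expected.get(ifname)
        if net is None:
            findings.append(f"{ip}: interface {ifname} not in expected map")
        elif ip not in net:
            findings.append(f"{ip}: learned on {ifname}, outside {net}")
        elif mac is None:
            findings.append(f"{ip}: no ARP reply on {ifname}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(parse_arp(SAMPLE_ARP), EXPECTED)))
```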