Date: Mon, 23 Aug 2010 15:32:59 -0400 From: Mike Tancsa <mike@sentex.net> To: xavier.humbert@groumpf.org (Xavier HUMBERT), freebsd-net@freebsd.org Subject: Re: Inter-vlan routing problem Message-ID: <201008231932.o7NJWuPS036366@lava.sentex.ca> In-Reply-To: <1jnowhj.1pd0hjz1mufqimM%xavier.humbert@groumpf.org> References: <201008201711.o7KHBnfT011714@lava.sentex.ca> <1jnowhj.1pd0hjz1mufqimM%xavier.humbert@groumpf.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:34 PM 8/23/2010, Xavier HUMBERT wrote:
>Mike Tancsa <mike@sentex.net> wrote:
>
> > I dont understand, why is 10.75.2.1 going out your default interface
> > ? It should look for packets on the same subnet that the vlan3
> interface is on
>
>Errrr.... According to the interfaces status and the routing table,
>this is the
>case, or do I misunderstand your question ?
The traceroute you showed was going out the default gateway. I guess
that was a workstation on just one subnet.
Lets start with the obvious, you have
sysctl -a net.inet.ip.forwarding
set to one right ?
> > Can you do an
> > arp -na
> > and
> > netstat -Wnra
> >
>
>[root@gateway ~]# arp -na
>? (10.75.3.251) at 00:e0:81:2d:62:3e on vlan4 permanent [vlan]
>? (10.75.3.254) at 08:00:71:03:f1:0f on vlan4 expires in 1192 seconds [vlan]
>? (10.75.3.252) at 00:1a:a0:12:9a:a1 on vlan4 expires in 850 seconds [vlan]
>? (10.75.2.1) at 00:12:ef:42:3c:f3 on vlan3 expires in 848 seconds [vlan]
>? (10.75.2.5) at 00:1b:25:5f:58:5d on vlan3 expires in 432 seconds [vlan]
OK, you see MAC addresses from the other devices and they seem to be
on the correct interfaces. you can ping them right ? They all have
you as the default gateway ?
e.g. if you do
ping -S 102.168.0.251 192.168.0.254
ping -S 10.75.2.251 192.168.0.254
do both work ? Does 192.168.0.254 have 192.168.0.251 as the default gateway ?
---Mike
> > On the nortel switch, are you sure you have it on the equiv of a
> > "trunk" port? Is there a way to see what MAC addresses the switch
> > sees as part of what VLAN ?
>
>No, there is no "trunk" ports. The term trunk is used by Nortel for MLT. And,
>precisely, that what's "show mac-address-table" displays : the MLT table. The
>port I'm connected to is simply a port shared by all Vlans.
OK, but the port will tag all the packets leaving it with the correct
vlan right ? Some switches offer a "hybrid" mode were the packets all
exit the port untagged. But based on your arp table, this does not
seem to be the case which is good.
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201008231932.o7NJWuPS036366>