Date: Fri, 14 Aug 2015 22:27:07 +0430
From: Hooshang F <ebastan10@gmail.com>
To: FreeBSD Net <freebsd-net@freebsd.org>
Subject: vlan+bridge questions
Message-ID: <CANp8tbUo2tJekEnJ7rvteJN0HehhKT6gEoHajvavcku%2Bd=Opzw@mail.gmail.com>
Hi,

We need to install a FreeBSD firewall (pf). The FreeBSD box needs to be placed in bridge mode in the middle of a VLAN trunk link between 2 Cisco switches. The em0 and em1 ports are connected to the trunk ports on the 2 switches.

We are going to:

1- Define two vlan interfaces for vlan id X, one with em0 as parent and the other on top of em1.
2- Create a bridge interface.
3- Add the two vlan interfaces as members of the bridge.
4- Repeat 1-3 for every vlan id used in the network.

2 questions:

1- Isn't there a simpler method which does not involve creating so many vlans & bridges? For instance, is it possible to have a trunk interface which accepts 'all' vlan IDs (like Cisco) instead of creating two vlan interfaces per ID?

2- How should the untagged traffic be bridged? Cisco switches send out packets untagged if the vlan ID is equal to the trunk port 'native' vlan id. To bridge these packets, we should create a bridge with em0 and em1 as members, but that will effectively disable bridging on vlan interfaces. Right?

Thanks in advance.
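The four steps listed in the message above, as an added example that is not part of the original e-mail: a POSIX shell function that prints (without running) the FreeBSD ifconfig commands for a list of VLAN IDs, rejecting IDs outside 1-4094 before emitting anything. The function name, the bridge<ID> naming and the sample IDs are assumptions.

```shell
#!/bin/sh
# Added example: print (not run) the ifconfig commands for steps 1-4.
# gen_vlan_bridges, the bridge<ID> naming and the sample IDs are assumptions.

gen_vlan_bridges() {
    # $1, $2: parent (trunk) NICs; remaining args: VLAN IDs to bridge
    if [ "$#" -lt 3 ]; then
        echo "usage: gen_vlan_bridges IF_A IF_B VLAN_ID..." >&2
        return 2
    fi
    if_a=$1; if_b=$2; shift 2

    # Validate every ID before emitting anything, so a bad list never
    # yields a half-built configuration.
    for id in "$@"; do
        case $id in
            ''|*[!0-9]*) echo "invalid VLAN ID: $id" >&2; return 1 ;;
        esac
        if [ "$id" -lt 1 ] || [ "$id" -gt 4094 ]; then
            echo "VLAN ID out of range (1-4094): $id" >&2
            return 1
        fi
    done

    # Parents must be up for the vlan children to pass traffic.
    echo "ifconfig $if_a up"
    echo "ifconfig $if_b up"

    for id in "$@"; do
        # Step 1: one vlan interface per parent for this ID
        echo "ifconfig $if_a.$id create vlan $id vlandev $if_a up"
        echo "ifconfig $if_b.$id create vlan $id vlandev $if_b up"
        # Step 2: a bridge dedicated to this ID
        echo "ifconfig bridge$id create"
        # Step 3: join both vlan interfaces to it
        echo "ifconfig bridge$id addm $if_a.$id addm $if_b.$id up"
    done
}

# Constructed sample: three VLAN IDs on the em0/em1 trunk from the message.
gen_vlan_bridges em0 em1 10 20 30
```

Reviewing the printed commands before piping them to sh on the firewall keeps a mistyped ID from creating a stray bridge.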