From owner-freebsd-questions@FreeBSD.ORG Wed Dec 22 14:18:32 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 01B6E1065694 for ; Wed, 22 Dec 2010 14:18:32 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3fd3:cd67:fafa:3d78]) by mx1.freebsd.org (Postfix) with ESMTP id 5BF9C8FC13 for ; Wed, 22 Dec 2010 14:18:31 +0000 (UTC) Received: from russet.local (reflex.squiz.co.uk [83.217.109.164]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.4/8.14.4) with ESMTP id oBMEI6a8043008 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Wed, 22 Dec 2010 14:18:27 GMT (envelope-from m.seaman@infracaninophile.co.uk) X-DKIM: Sendmail DKIM Filter v2.8.3 smtp.infracaninophile.co.uk oBMEI6a8043008 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=infracaninophile.co.uk; s=201001-infracaninophile; t=1293027508; bh=sq1M247Bt6S+gNrvMNy5pMxcag3k6SjnTh2ciuvQ5jE=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Cc:Content-Type:Date:From:In-Reply-To: Message-ID:Mime-Version:References:To; z=Message-ID:=20<4D120895.2060002@infracaninophile.co.uk>|Date:=20W ed,=2022=20Dec=202010=2014:17:57=20+0000|From:=20Matthew=20Seaman= 20|User-Agent:=20Mozilla/5.0=20(M acintosh=3B=20U=3B=20Intel=20Mac=20OS=20X=2010.6=3B=20en-US=3B=20r v:1.9.2.13)=20Gecko/20101207=20Thunderbird/3.1.7|MIME-Version:=201 .0|To:=20freebsd-questions@freebsd.org|Subject:=20Re:=20Port=20bas ed=20VLAN|References:=20|In-Reply-To:=20|X-Enigmail-Version:=201.1.1|Content-Type:=20mul tipart/signed=3B=20micalg=3Dpgp-sha1=3B=0D=0A=20protocol=3D"applic ation/pgp-signature"=3B=0D=0A=20boundary=3D"------------enigCDA259 ACC51800C69AD08D5A"; b=jcI8zKMb6mJ68yHvqCeNvxNetiEM3HxRv5gXvA76BM8cWN9xhQYd6MVzb88WH/vTt Z10h6GGC6ga79UtwoA2Fi7a8EYoLH7f8HSD4XHLiTjxUnco/C3X86sqhuG6vSCV9uV 3qgKON5vBmV1DZHWACWOFGfpCeGMk3By481DFp4s= X-Authentication-Warning: lucid-nonsense.infracaninophile.co.uk: Host reflex.squiz.co.uk [83.217.109.164] claimed to be russet.local Message-ID: <4D120895.2060002@infracaninophile.co.uk> Date: Wed, 22 Dec 2010 14:17:57 +0000 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: In-Reply-To: X-Enigmail-Version: 1.1.1 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigCDA259ACC51800C69AD08D5A" X-Virus-Scanned: clamav-milter 0.96.5 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-0.1 required=5.0 tests=BAYES_20,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_FAIL autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on lucid-nonsense.infracaninophile.co.uk Subject: Re: Port based VLAN X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Dec 2010 14:18:32 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigCDA259ACC51800C69AD08D5A Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 22/12/2010 11:15, Indexer wrote: > Hi, >=20 > I plan to make a FreeBSD based router sometime soon. I would like to be= able to do port based vlanning on the router, so that a client computer = that plugs into that socket is "dumb" to the vlans' existance. >=20 > IE >=20 > em0 - untagged > em1 - vlan 1 > em2 - vlan 2 >=20 > Is what i want to achieve (as a simple example). This way i can use unm= anaged switches on em2, and all clients behind that are to the router on = vlan2 >=20 > How does one go about this on freebsd. >=20 In /etc/rc.conf: ifconfig_em1=3D"up -vlanhwtag" # You may or may not want hwtag -- try bot= h vlans_em1=3D"vlan1" ifconfig_em2=3D'up -vlanhwtag" vlans_em2=3D"vlan2" create_args_vlan1=3D"vlan 1" ipv4_addrs_vlan1=3D"192.168.12.34/24" create_args_vlan2=3D"vlan 2" ipv4_addrs_vlan2=3D"192.168.56.78/24" The em0 i/f should be configured as usual. This will create virtual interfaces vlan1 and vlan2 which you can apply firewall rules to etc. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW --------------enigCDA259ACC51800C69AD08D5A Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk0SCJsACgkQ8Mjk52CukIydiQCfVgyrrlsmtpn96xSUwJLBDOtL 0dQAnR42f+S/tMcdNyaFa9ICLS3lmF40 =gfC/ -----END PGP SIGNATURE----- --------------enigCDA259ACC51800C69AD08D5A--