From: Peter Jeremy
To: Luigi Rizzo
Cc: Yar Tikhiy, freebsd-arch@freebsd.org, Max Laier
Date: Thu, 29 Sep 2005 04:47:32 +1000
Subject: Re: Bridges
Message-ID: <20050928184731.GA72352@cirb503493.alcatel.com.au>
In-Reply-To: <20050928032933.G16027@xorpc.icir.org>
List-Id: Discussion related to FreeBSD architecture

On Wed, 2005-Sep-28 03:29:33 -0700, Luigi Rizzo wrote:
>On Wed, Sep 28, 2005 at 02:21:53PM +0400, Yar Tikhiy wrote:
>> On Sun, Sep 25, 2005 at 05:22:38AM +1000, Peter Jeremy wrote:
>> >
>> > Since I've recently needed it, neither bridge.c nor if_bridge.c allow
>> > you to bridge VLAN trunks (you can bridge individual VLANs but that
>> > becomes unwieldy when you have dozens of VLANs).  I have code to do
>> > this in bridge.c.
>>
>> Couldn't you bridge across the parent, or trunk, physical interfaces
>> carrying tagged VLAN traffic then?  (Of course, hardware support for
>> VLAN should be turned off on them in that case.)

That's actually what I was trying to do.

>yes in fact i was wondering what's wrong with that because
>we have been using bridge.c like this for ages now...

The problem is that the current bridge code only considers the MAC
address for forwarding.  When VLANs are in use, this is incorrect as
both the MAC address and VLAN tag must be considered.  The difference
is crucial when you have the same MAC address appearing in multiple
VLANs.  This can occur when using DECnet Phase IV or Solaris with
Cassini NICs - both of which have a per-host MAC address rather than a
per-NIC MAC address.

As an example, consider a system with a host-based MAC address that
has two NICs.  One NIC attaches to VLAN 123 on switch a, the other
attaches to VLAN 124 on switch b [this is the situation we have in our
test lab].  If I then attempt to join trunks from both switches using
bridge(4), it sees the same MAC address on both bridged interfaces and
shuts down.  In reality, this situation is safe because the MAC
addresses are in different VLANs.

-- 
Peter Jeremy
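
The scenario in the message above, as an added example that is not part of the original post and is not code from bridge.c or if_bridge.c: a small learning table keyed either by MAC alone or by (VLAN ID, MAC). The names fdb_learn, frame_vid and conflicts, the table size and the MAC address 02:00:00:00:00:01 are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FDB_SIZE 64
struct fdb_entry { uint8_t mac[6]; uint16_t vid; int ifidx; int used; };
struct fdb { struct fdb_entry e[FDB_SIZE]; int vlan_aware; };

/* 12-bit VLAN ID of an 802.1Q-tagged frame (TPID 0x8100), or 0 if untagged. */
static uint16_t frame_vid(const uint8_t *f, size_t len)
{
    if (len < 18 || f[12] != 0x81 || f[13] != 0x00) return 0;
    return (uint16_t)(((f[14] << 8) | f[15]) & 0x0fff);
}

/* Learn a frame's source MAC on interface ifidx. Returns 1 if the key is already
 * known on another interface, 0 if learned/refreshed, -1 on short frame or full table. */
static int fdb_learn(struct fdb *t, const uint8_t *f, size_t len, int ifidx)
{
    if (len < 14) return -1;
    uint16_t vid = t->vlan_aware ? frame_vid(f, len) : 0; /* MAC-only: single key space */
    for (int i = 0; i < FDB_SIZE; i++) {
        struct fdb_entry *e = &t->e[i];
        if (!e->used) {          /* append-only table: first free slot ends the search */
            memcpy(e->mac, f + 6, 6);
            e->vid = vid; e->ifidx = ifidx; e->used = 1;
            return 0;
        }
        if (e->vid == vid && memcmp(e->mac, f + 6, 6) == 0)
            return e->ifidx != ifidx;
    }
    return -1;
}

/* Constructed frames: one host MAC tagged VLAN 123 on trunk 0 and VLAN 124 on trunk 1. */
static int conflicts(int vlan_aware)
{
    static const uint16_t vids[2] = { 123, 124 };
    struct fdb t = { .vlan_aware = vlan_aware };
    int n = 0;
    for (int i = 0; i < 2; i++) {
        uint8_t f[18] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x02, 0, 0, 0, 0, 0x01,
                          0x81, 0x00, (uint8_t)(vids[i] >> 8), (uint8_t)vids[i], 0x08, 0x00 };
        n += fdb_learn(&t, f, sizeof f, i) == 1;
    }
    return n;
}

int main(void) { printf("MAC only: %d  (VLAN, MAC): %d\n", conflicts(0), conflicts(1)); return 0; }
```

With the MAC-only key the second frame collides with the entry learned on the other trunk; with the (VLAN, MAC) key the two frames are distinct stations and no conflict is reported.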