Date: Sun, 11 Mar 2012 10:20:12 +0330 From: h bagade <bagadeh@gmail.com> To: Peter Jeremy <peterjeremy@acm.org> Cc: freebsd-net <freebsd-net@freebsd.org> Subject: Re: problem with vlan interfaces tagging/untagging in a simulated switch box Message-ID: <CAKWOZ6WrYrFso7nhxqi_5Nm0Z8_YWNJwt5FaAjVS3dEeBRjCOA@mail.gmail.com> In-Reply-To: <20120306074655.GA71641@server.vk2pj.dyndns.org> References: <CAKWOZ6VH5Jv9kd-QuCM3oiukwTUajMAOvmGeg1uofNa4A3UXjA@mail.gmail.com> <20120305084359.GA56606@server.vk2pj.dyndns.org> <CAKWOZ6Vog_uxEn8ea4Jm=RS_R0PHZ0Y9jndsFdn8OfHC5gPCNg@mail.gmail.com> <20120305222811.GA64183@server.vk2pj.dyndns.org> <CAKWOZ6Uqwgw7ro=_Sn8ycUPtC2BAYiAuBKza4W8-WL-gNScKrg@mail.gmail.com> <20120306074655.GA71641@server.vk2pj.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
let me explain my problem with this type of topology when I want to
simulate a switch like cisco
eth1 -+ --- bridge1 --- vlan9 --+-- eth0 --- trunk0
|
eth2 -+ --- bridge2 --- vlan8 --+
On 3/6/12, Peter Jeremy <peterjeremy@acm.org> wrote:
> On 2012-Mar-06 09:15:57 +0330, h bagade <bagadeh@gmail.com> wrote:
>>On 3/6/12, Peter Jeremy <peterjeremy@acm.org> wrote:
>>> The following example diagram shows 3 distinct packet flows:
>>> - packets tagged 5 in trunk1 and 6 in trunk0
>>> - packets tagged 7 in trunk1 and 9 in trunk0
>>> - packets tagged 8 in trunk0 and 10 in trunk2
>>>
>>> +-- vlan5 --- bridge1 --- vlan6 --+
>>> | |
>>> trunk1 --- eth1 -+- vlan7 --- bridge2 --- vlan9 --+-- eth0 --- trunk0
>>> |
>>> bridge3 --- vlan8 --+
>>> |
>>> trunk2 -- eth2 --- vlan10
>>>
>>I've described the function of Cisco switches in vlan
>>tagging/untagging.
>
> Real switches typically have everything tagged internally, with the
> native VLAN tags added/removed at the ingress/egress ports. This
> simplifies the internal switch logic (at the expense of meaning that
> tags have to be consistent across all trunks).
>
> FreeBSD works differently. Packets are _untagged_ internally and you
> need a separate bridge(4) device for each broadcast domain (vlan).
>
>> In your topology, packets should be tagged when
>>recieved on real interfaces to be send out to vlan interfaces.
>
> Packets are never tagged by real interfaces and always have tags
> added/removed by vlan devices.
>
>> It
>>would be fine when two trunks are communicating because on both side
>>packets are tagged. But as I mentioned before, Cisco switches receive
>>packets on an interface untagged and then sending packets tagged out
>>of trunk port, based on which interface it receives,
>
> You can connect a physical interface (ethX) directly to a bridge device
> to access untagged packets. Note that I'm not sure whether it is safe
> to access the native VLAN in a trunk in this way.
>
> To continue the above example,
> ifconfig bridge1 addm eth3
> would result in packets arriving on eth3 leaving tagged as vlan 5 in
> trunk1, vlan 6 in trunk0 and vice versa.
>
> --
> Peter Jeremy
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAKWOZ6WrYrFso7nhxqi_5Nm0Z8_YWNJwt5FaAjVS3dEeBRjCOA>