Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 23 Apr 2022 23:20:02 +0200
From:      Lutz Donnerhacke <lutz@donnerhacke.de>
To:        "Patrick M. Hausen" <hausen@punkt.de>
Cc:        Benoit Chesneau <benoitc@enki-multimedia.eu>, "freebsd-net@FreeBSD.org" <freebsd-net@FreeBSD.org>
Subject:   Re: how to bridge "native" vlan?
Message-ID:  <20220423212002.GC3774@belenus.iks-jena.de>
In-Reply-To: <8E5C5DFB-B029-4B32-A67B-D09042ACCEE3@punkt.de>
References:  <mOEoiwDtLyUdBfav7_Ygz5qfW3nQuT7KM1CnKoXN4haHc-j3gQIYC5GK-eIsCWScLlBhntQNZr42XD-2txcOpHG1rykfrb8CbWvcP84iXxs=@enki-multimedia.eu> <8E5C5DFB-B029-4B32-A67B-D09042ACCEE3@punkt.de>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Apr 21, 2022 at 02:11:54PM +0200, Patrick M. Hausen wrote:
> > Am 21.04.2022 um 11:29 schrieb Benoit Chesneau <benoitc@enki-multimedia.eu>:
> > I have an interface on which multiple vlans are connected. I would like to bridge the vlan 100 and 200 but also have a bridge for the "native" vlan 1. I Can setup a bridge for vlan 100 and 200 the way below I think but how to create a bridge for  the "native" vlan?
> 
> I don't have any experience with netgraph but I do know that
> you cannot do that with if_bridge(4). If you make the physical
> interface the member of a bridge, you cannot use additional
> VLANs on that interface, anymore.
> 
> Does anybody know if the same restriction applies to ng_bridge(4)?

ng_bridge does not inspect the ethertypes only the mac addresses of the frames.
So you can split the VLANs using ng_vlan and connect them to the three bridges:

: mkpeer em0: vlan lower downstream
: name em0:lower vlan0
: mkpeer vlan0: bridge 100 0
: mkpeer vlan0: bridge 200 0
: mkpeer vlan0: bridge nomatch 0
: msg vlan0: addfilter { vid=100 hook="100" }
: msg vlan0: addfilter { vid=200 hook="200" }
: name vlan0:100 bridge100
: name vlan0:200 bridge200

: mkpeer em1: vlan lower downstream
: name em1:lower vlan1
: connect vlan1: bridge100: 100 1
: connect vlan1: bridge200: 200 1
: connect vlan1: bridge_untagged: nomatch 1
: msg vlan1: addfilter { vid=100 hook="100" }
: msg vlan1: addfilter { vid=200 hook="200" }

: mkpeer em2: vlan lower downstream
: name em2:lower vlan2
: connect vlan2: bridge100: 100 2
: connect vlan2: bridge200: 200 2
: connect vlan2: bridge_untagged: nomatch 2
: msg vlan2: addfilter { vid=100 hook="100" }
: msg vlan2: addfilter { vid=200 hook="200" }

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20220423212002.GC3774>