From: Freddie Cash
Date: Mon, 30 Apr 2018 09:46:12 -0700
Subject: Re: NETGRAPH- bridge vlans using netgraph help
To: Eugene Grosbein
Cc: Abdullah Tariq, freebsd-net

On Sat, Apr 28, 2018 at 12:55 PM, Eugene Grosbein wrote:

> 28.04.2018 21:57, Freddie Cash wrote:
>
> > If you want to think of it in switch terms, FreeBSD supports access
> > ports (untagged vlan) and trunk ports (tagged vlans).
> > But there's no support for hybrid ports (tagged vlans with a PVID on the
> > port that adds tags to untagged traffic).
>
> Not entirely correct. As FreeBSD is not a switch, it by default does not
> have nor need PVID notion at.
> However, FreeBSD still can bridge incoming untagged frames with arbitrary
> interface vlan.

What you wrote doesn't conflict with anything I said.
You can have two interfaces, one configured directly (igb0), the other configured for a tagged vlan (vlan5 using igb1), and bridge them together to pass traffic between interfaces, yes. Nothing I wrote says you can't. Nor is this what the OP wants.

You can't configure an interface in FreeBSD with vlan X, and accept untagged packets on that interface, and have those incoming packets tagged with vlan X after being received. (aka a hybrid port with a PVID set) Note: a single interface.

What the OP is trying to do is have PC1 send untagged packets to igb0 on FreeBSD which is configured for tagged vlan 5. Then bridge the packets to igb1 which is also configured for tagged vlan 5. Then send the packets out, untagged, to PC2.

With a switch, this is easy to do. You just mark the two ports as being part of untagged vlan 5 and you are done. FreeBSD doesn't have a concept of "untagged vlan 5" as there's no concept of a PVID on an interface.

Maybe there's a way to do this via a virtual switch like openvswitch or VALE or similar (or maybe by mangling the packets via netgraph?), but that gets overly complicated and brittle, and is something better suited to a proper managed switch. Or to configuring PC1 and PC2 to send tagged packets. Or any other number of ways of properly configuring the network instead of trying to twist FreeBSD's network stack into shapes it was never meant to support.

Note: this is knowledge gained from trying to configure interfaces to work with tagged and untagged vlans and things going wonky and then some (on FreeBSD and Linux, but the Linux side of things is horrible as you can actually mix tagged and untagged vlans on an interface but it just breaks things in weird and wonderful ways due to the way they pass tags around the stack). I haven't actually looked at the network stack code, so maybe there's a way to make this work, but in-the-field experience says it can't.

-- 
Freddie Cash
fjwcash@gmail.com
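
Added example, not part of the original message: a small Python model of what a switch does when two ports are untagged members of vlan 5, i.e. the PVID behaviour the message says a FreeBSD interface lacks. The function names, the sample frame and the choice to drop frames that arrive already tagged are assumptions of this sketch.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag


def vlan_id(frame):
    """Return the VLAN ID of a tagged Ethernet frame, or None if untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci & 0x0FFF  # low 12 bits of the TCI are the VID


def ingress(frame, pvid):
    """Receive side of an untagged-member port: tag the frame with the PVID."""
    if vlan_id(frame) is not None:
        return None  # assumption: this model drops frames that arrive tagged
    tag = struct.pack("!HH", TPID_8021Q, pvid & 0x0FFF)  # PCP/DEI left at 0
    return frame[:12] + tag + frame[12:]  # tag sits right after the source MAC


def egress(frame, pvid):
    """Transmit side: forward only the port's own VLAN, with the tag removed."""
    if vlan_id(frame) != pvid:
        return None  # frame belongs to another VLAN
    return frame[:12] + frame[16:]


def forward(frame, in_pvid, out_pvid):
    """PC1 -> ingress port -> (tagged inside the switch) -> egress port -> PC2."""
    tagged = ingress(frame, in_pvid)
    return None if tagged is None else egress(tagged, out_pvid)


# Constructed sample frame: dst MAC, src MAC, EtherType 0x0800, dummy payload.
SAMPLE = bytes.fromhex("020000000002" "020000000001" "0800") + b"payload"

if __name__ == "__main__":
    print(ingress(SAMPLE, 5).hex())        # frame as carried inside vlan 5
    print(forward(SAMPLE, 5, 5) == SAMPLE)  # both ports untagged in vlan 5
```

Both hosts see plain untagged frames; the tag exists only between the two ports, which is why the per-port PVID is what does the work here.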