Date: Sat, 24 Nov 2001 13:00:22 -1000 From: Richard Puga <puga@mauibuilt.com> To: Dru <genisis@istar.ca> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPFW/VLAN Message-ID: <3C002685.AE3A0D1@mauibuilt.com> References: <20011124082416.R76925-100000@x1-6-00-50-ba-de-36-33.kico1.on.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Yes I do have the vlan entry in my kernel. I have tried it with and without. The MTU of the fxp cards it set to its new default of 1500 (as of 4.4) and curiously enough can not be set higher as the maximum length of an ether net packet is 1518. The bridge passes the 802.1q packets just fine and I can view them with tcpdump. it seems that ipfw ignores them, either treating them as a malformed ether net packet or one that is not ip.. im not sure that's just a guess.. Thanks for your reply Richard Puga puga@mauibuilt.com Dru wrote: > On Fri, 23 Nov 2001, Chuck Root wrote: > > > I am trying to use a freebsd box with 2 fxp NIC's in it as a firewall > > between 2 points on a 802.1q tagged vlan trunk. > > > > I am bridging the interfaces using the BRIDGING option in the kernel and > > I am using ipfw to filter pakets. > > > > The bridge and ipfw work fine with normal pakets but the ones with > > 802.1q tages slip right on by. > > > > is there any way to do this? > > > > I have tried bridging the vlans them selfs with no luck. > > Hi Richard, > > Do you have the following line in your kernel config file? > > pseudo-device vlan 2 > > Also, what is the MTU on the fxps? > > HTH, > > Dru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C002685.AE3A0D1>