Date: Sun, 11 Sep 2005 01:49:35 -0700 From: Blake Covarrubias <blake@yfug.yumaed.org> To: Chuck Swiger <cswiger@mac.com> Cc: freebsd-isp@freebsd.org Subject: Re: VLAN interfaces on FreeBSD; performance issues Message-ID: <E2ADC8F5-3BFF-4140-82C1-E7083F25CC81@yfug.yumaed.org> In-Reply-To: <4322FDC4.8010609@mac.com> References: <ED8E7F5B-7E3F-40D8-8993-76E9AB8226F9@yfug.yumaed.org> <4322FDC4.8010609@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sep 10, 2005, at 8:37 AM, Chuck Swiger wrote: > Blake Covarrubias wrote: > >> I have a question about VLAN interfaces on FreeBSD. I've read the >> documentation and have set them up on a machine. After doing so >> though the machine seems less network responsive. Does >> implementing VLAN interfaces / tagging slow down network >> performance? >> > > Some, yes, although not by much and that depends to some extent on > whether your NIC has VLAN_MTU hardware support. I'm not sure if VLAN_MTU is available or enabled on my NIC. I will have to check that. > > >> The reason for wanting VLAN tagging is the machine has once NIC >> and I wanted >> to multi-home it without having to install another NIC. The >> network card is >> using the 'fxp' driver. >> > > fxp is a good NIC hardware. However, if you are trying to connect > two distinct subnets, playing ISO layer-2 games with VLANs is not > going to result in a good substitute for layer-3 IP routing. > > You cannot truthfully multihome a machine with a single NIC. > My goal is to make this machine a gateway for several servers that I need to segment that will be on different IP subnets. I could always just alias the IP's to the NIC on the gateway machine, but I need layer-2 separation for security. I'm doing this for co-located servers (hence the need for segmentation) I don't think its feasible to add a NIC for every new machine. I'll check to see if VLAN_HWTAGGING and VLAN_MTU is available on the NIC. If anyone has any other experience in setting up a router/ gateway in this type of environment I'd appreciate your input. Thanks in advance. -- Blake Covarrubias
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E2ADC8F5-3BFF-4140-82C1-E7083F25CC81>