Re: CFR: bridge locking
From: Doug Ambrisko (ambrisko_at_ambrisko.com)
Date: 08/21/03
- Previous message: Daniel C. Sobral: "Re: CFR: bridge locking"
- In reply to: Daniel C. Sobral: "Re: CFR: bridge locking"
- Next in thread: Daniel C. Sobral: "Re: CFR: bridge locking"
- Reply: Daniel C. Sobral: "Re: CFR: bridge locking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: "Daniel C. Sobral" <dcs@tcoip.com.br> Date: Thu, 21 Aug 2003 10:13:14 -0700 (PDT)
Daniel C. Sobral writes:
| Doug Ambrisko wrote:
| > Daniel C. Sobral writes:
| > | If you get bridge to send/receive packets to/from vlan interfaces
| > | attached to them, I'll be forever grateful.
| > |
| > | I've been trying to configure a setup where a firewall is connected to
| > | redundant switches, but no solution I found could handle the vlan
| > | attachments. :-(
| >
| > I assuming you are using SW VLANs then you need this. There is supposed
| > to be work to fix this correctly in progress but this works for
| > me when bridging VLANs.
|
| This didn't work for me. I don't know if I'm using SW or HW vlans. But
| since I can see the vlan packets with tcpdump, I tend to believe it
| would be SW vlans.
|
| The test I'm doing is the following:
|
| kldload bridge
| sysctl net.link.ether.bridge=1
| sysctl net.link.ether.bridge_cfg="fxp1 fxp3"
| ifconfig fxp1 up
| ifconfig fxp3 up
| ifconfig vlan0 create
| ifconfig vlan0 vlan 999 vlandev fxp1
| ifconfig vlan0 200.220.254.190/26
|
| On the switch side, the port connected to fxp1 is down and the one
| connected to fxp3 is up. Next, I ping all around. What I see with your
| patch is:
|
| ARP packets received on fxp3 go to fxp1 but not vlan0.
| ARP packets sent through vlan0 go to fxp1 but not fxp3.
|
| This is 4.7-RELEASE. The patch did not apply cleanly, but I went through
| it and fixed all failed chunks.
|
| (yes, this is pretty much like the other message I sent -- the results
| were the same, but then I wondered if I hadn't made an error in one of
| the above steps and went back to test it again, so, in the mean time, I
| copied the above to the other message, adjusted, and set that reply. :)
No my mistake ... I was thinking you were trying to bridge the
traffic out of the FreeBSD vlan device. That is what my patch fixes.
Sorry.
For kicks you could try netgraph bridging. I found it sometimes works
better. Tweak the script in /usr/share/example/netgraph. For some
purposes I use bridge others I use the netgraph version. Depends on
the need.
FWIW I have created a vmnet iface then bridged to it. However, for it
to work with netgraph you need to make it work. I use vmnet since it
is persistant and I can just do an
echo -n > /dev/vmnet1
to create it. Then I can do various things to it. So you could run
the vlan off vmnet1 and then bridge it to the others.
Doug A.
Index: if_tap.c
===================================================================
RCS file: /cvs/src/sys/net/if_tap.c,v
retrieving revision 1.3.2.3
diff -c -r1.3.2.3 if_tap.c
*** if_tap.c 14 Apr 2002 21:41:48 -0000 1.3.2.3
--- if_tap.c 22 Aug 2003 00:08:45 -0000
***************
*** 426,431 ****
--- 426,432 ----
return (dummy);
case SIOCSIFFLAGS: /* XXX -- just like vmnet does */
+ tapifinit(tp);
case SIOCADDMULTI:
case SIOCDELMULTI:
break;
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Daniel C. Sobral: "Re: CFR: bridge locking"
- In reply to: Daniel C. Sobral: "Re: CFR: bridge locking"
- Next in thread: Daniel C. Sobral: "Re: CFR: bridge locking"
- Reply: Daniel C. Sobral: "Re: CFR: bridge locking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
