Re: Disabling VLAN_HWTAGGING
From: Ruslan Ermilov (ru_at_freebsd.org)
Date: 03/30/04
- Previous message: Crist J. Clark: "Re: IPSec troubles"
- In reply to: Julian Elischer: "Re: Disabling VLAN_HWTAGGING"
- Next in thread: Jacob S. Barrett: "Re: Disabling VLAN_HWTAGGING"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 30 Mar 2004 11:09:27 +0300 To: Julian Elischer <julian@elischer.org>
On Mon, Mar 29, 2004 at 01:14:46PM -0800, Julian Elischer wrote:
>
>
> On Mon, 29 Mar 2004, David Gilbert wrote:
>
> > >>>>> "Julian" == Julian Elischer <julian@elischer.org> writes:
> >
> > >> itself. No matter how it's set, in both Linux and FreeBSD, many
> > >> nge chipsets will not show vlan packets from the driver with a
> > >> tcpdump.
> >
> > Julian> netgraph interception?
> >
> > I don't understand the question. If you have a vlan on nge0, and you
> > tcpdump the vlan interface, you get what you expect. If you tcpdump
> > the nge0 interface, you get all the packets from all the vlans without
> > vlan tags to differentiate. The FreeBSD and Linux drivers share this
> > behaviour.
>
> I was just pointing out that if tcpdump seems to not catch some things
> you can also try netgraph interception..
> But apparently from what you say it's not needed.
>
This is more convoluted than it seems.
In 4.x, if the interface supports VLAN stripping in firmware,
the driver calls if_vlan.c:vlan_input_tag() which "fakes up" a
normal VLAN header and passes it to BPF for inspection. OTOH,
vlan_input_tag() also searches through the list of all vlan(4)
interfaces attempting to find an interface with the matching
VLAN tag, so ng_vlan(4) doesn't have a chance of working in
RELENG_4 for NIC drivers that support stripping VLAN tags in
firmware.
In 5.x, drivers always call ether_input() which has proper
hooks into Netgraph (so ng_vlan(4) always works), but it
doesn't "fake up" the VLAN header as vlan_input_tag() does
in RELENG_4, so you cannot see the original VLAN packet --
you see the VLAN-stripped packet on the parent interface
(I will look into fixing it later)!
In any case, you cannot see the "normal" VLAN packet with
tcpdump(1) on originating host that does the VLAN insertion
in firmware. (You need to set the IFF_LINK0 flag on the
vlan(4) interface in RELENG_4 to tell it that the parent
device supports VLAN insertion in firmware.)
Cheers,
-- Ruslan Ermilov ru@FreeBSD.org FreeBSD committer
- application/pgp-signature attachment: stored
- Previous message: Crist J. Clark: "Re: IPSec troubles"
- In reply to: Julian Elischer: "Re: Disabling VLAN_HWTAGGING"
- Next in thread: Jacob S. Barrett: "Re: Disabling VLAN_HWTAGGING"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
