Re: FW: Curiosity in IPFW/Freebsd bridge. [more] 802.1q VLAN at fault?

asegu_at_borgtech.ca
Date: 12/19/04

Next message: Heinz Knocke: "Re: Marvell 88E8001 on sk0 and RELENG_5_3 - big problems"

Previous message: Bosko Milekic: "Re: Dingo and PerForce"
In reply to: Nickolay A. Kritsky: "Re: FW: Curiosity in IPFW/Freebsd bridge. [more] 802.1q VLAN at fault?"
Next in thread: Nickolay A. Kritsky: "RE: FW: Curiosity in IPFW/Freebsd bridge. [more] 802.1q VLAN at fault?"
Reply: Nickolay A. Kritsky: "RE: FW: Curiosity in IPFW/Freebsd bridge. [more] 802.1q VLAN at fault?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sun, 19 Dec 2004 20:33:57 -0000 (GMT)
To: freebsd-net@freebsd.org

Ok, the whole discussion to date led to how VLAN traffic wasn't being
registered by IPFW in my system. I think that it'll probably be too late
for a code change to fix my problem, so I'm going to go the route of
changing the network configuration.

I've rebuilt to 4.10 and.. And I had no luck there (IPFW _really_ doesn't
see the traffic now!). On the other hand, I've read about vlan pseudo-dev
and goten myself access to the switch's configuration.

So tomorrow evening I plan on changing the vlan id used to 3, and then in
freebsd, use the following configuration(and I post this to the list to
see if anybody knows that this is going to fail)

fxp1 --> router (uses ID 2)
fxp0 --> switch (uses ID 2, will switch to ID 3)
ifconfig vlan1 vlan 3 vlandev fxp0
ifconfig vlan0 vlan 2 vlandev fxp1

sysctl net.link.ether.bridge_cfg=vlan1,vlan0
sysctl net.link.ether.bridge_ipfw=1

Does anybody think this will allow IPFW to see the packets? or that this
will outright fail?

Thank you everybody,
Andrew
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

Next message: Heinz Knocke: "Re: Marvell 88E8001 on sk0 and RELENG_5_3 - big problems"

Previous message: Bosko Milekic: "Re: Dingo and PerForce"
In reply to: Nickolay A. Kritsky: "Re: FW: Curiosity in IPFW/Freebsd bridge. [more] 802.1q VLAN at fault?"
Next in thread: Nickolay A. Kritsky: "RE: FW: Curiosity in IPFW/Freebsd bridge. [more] 802.1q VLAN at fault?"
Reply: Nickolay A. Kritsky: "RE: FW: Curiosity in IPFW/Freebsd bridge. [more] 802.1q VLAN at fault?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: [was] addition to ipfw (read vlans from bridge)..
... into the packet as well as the packet, then yes I like that idea, ... At the moment I plan the ipfw code to be unaware of vlan headers. ... What we need to do is make a convention so that vlan tags are always ...
(freebsd-net)
Re: [was] addition to ipfw (read vlans from bridge)..
... I have redone this patch in a different manner. ... Basically if it is a vlan packet, take off the whole vlan header instead ... fiddling with the mbuf contents in favour of teaching ipfw (or the ... to handle vlan tags as well. ...
(freebsd-net)
Re: LOR/page fault panic vfs_mountroot
... Dual processor box. ... > kernel has vlan, ipfw, and dummynet enabled, but this doesn't ...
(freebsd-current)
Re: [was] addition to ipfw (read vlans from bridge)..
... I have redone this patch in a different manner. ... Basically if it is a vlan packet, take off the whole vlan header ... instead of just the ether header, but pass to ipfw, an ether header ...
(freebsd-net)