VLANs / Bridging / BPDU

From: Peter Wood (peter_at_alastria.net)
Date: 09/01/05

    Date: Thu, 01 Sep 2005 21:57:50 +0100
    To: freebsd-net@freebsd.org
    
    

    Evening,

    I'm having an issue with using vlans and bridging. The issue is probably
    something that can be fixed in either FreeBSD or in the Cisco IOS.

    I'll explain what I have. I've got an external router that's sitting on
    vlan 20, also on 20 is a FreeBSD gateway which I intend to use as a
    firewall for the raw internet. The gateway also sits on 10 to pass the
    data to the machines protected by it.

    Or that was the plan anyway, a shortened (snipped media/mac) version of
    my ifconfig is as follows:

    raw0: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
             status: active
             vlan: 20 parent interface: em0
    dmz0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
             inet 10.3.0.101 netmask 0xfff80000 broadcast 10.7.255.255
             status: active
             vlan: 10 parent interface: em0

    So the idea is raw0 (renamed vlan interface) accepts the traffic from
    the router, lets ipfw do its work and then spits it back out via dmz0.
    As you can see both cloned vlan interfaces are on em0 on a 802.1Q trunk
    to a Cisco 2950.

    I am however having an issue with BPDU, the Cisco recognizes what it
    considers to be a loop in the topology. What I assume is that the Cisco
    is sending a BPDU packet out on VLAN10, the FreeBSD machine is passing
    that packet back out via VLAN20 (as I guess the bridge should), which
    the Cisco receives again, assumes a switch loop and blocks both of the
    vlan interfaces.

    Cisco errors are as follows:

    %SPANTREE-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id
    20 on GigabitEthernet0/1 VLAN10.
    %SPANTREE-2-BLOCK_PVID_PEER: Blocking GigabitEthernet0/1 on VLAN0020.
    Inconsistent peer vlan.
    %SPANTREE-2-BLOCK_PVID_LOCAL: Blocking GigabitEthernet0/1 on VLAN0010.
    Inconsistent local vlan.

    Now after writing this I'm thinking it's more a switch issue than a
    FreeBSD one, especially as the only other hit for the first Cisco
    message (apart from Cisco docs) is a thread for linux describing exactly
    the same problem with their bridging.

    Which can be seen at:
    http://www.mail-archive.com/bridge@lists.osdl.org/msg00147.html

    However if anyone has any suggestions or has seen this issue, I'd be
    very grateful. Would it be possible to get the bridge to block BPDU
    (ugly hack I'm sure)?

    Cheers,

    Pete.

    -- 
    Peter Wood BSc (Hons) :: <peter@alastria.net> :: Tel +44 1606 828010
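
The following is an added example, not part of the original post and not FreeBSD or Cisco code: it models the situation the message describes, where a per-VLAN BPDU sent on one VLAN is bridged back to the switch tagged for the other, and shows the classification a bridge-side BPDU filter would need. All function names are hypothetical, the sample frame and source MAC are constructed, and the PVST+ trailer layout (35-byte config BPDU, one pad byte, then an originating-VLAN TLV) is an assumption.

```python
import struct

IEEE_STP = bytes.fromhex("0180c2000000")       # 802.1D BPDU destination MAC
CISCO_PVST = bytes.fromhex("01000ccccccd")     # Cisco PVST+ BPDU destination MAC
PVST_SNAP = bytes.fromhex("aaaa0300000c010b")  # LLC/SNAP, OUI 00:00:0c, PID 0x010b


def build_pvst_frame(tag_vlan, origin_vlan):
    """Constructed sample: tagged PVST+ config BPDU with zeroed BPDU fields."""
    # Assumed layout: 35-byte config BPDU, 1 pad byte, TLV type 0, length 2, VLAN.
    payload = PVST_SNAP + bytes(35) + b"\x00" + struct.pack("!HHH", 0, 2, origin_vlan)
    src = bytes.fromhex("020000000001")        # made-up locally administered MAC
    return (CISCO_PVST + src + struct.pack("!HHH", 0x8100, tag_vlan, len(payload))
            + payload)


def rebridge(frame, new_vlan):
    """Model a bridge between two vlan interfaces: same frame, new 802.1Q VLAN ID."""
    return frame[:14] + struct.pack("!H", new_vlan) + frame[16:]


def inspect(frame):
    """Return (kind, tag_vlan, origin_vlan) for a raw Ethernet frame."""
    if len(frame) < 18:
        return ("data", None, None)
    off, tag_vlan = 12, None
    if struct.unpack_from("!H", frame, off)[0] == 0x8100:    # 802.1Q tag present
        tag_vlan = struct.unpack_from("!H", frame, off + 2)[0] & 0x0FFF
        off += 4
    off += 2                                                 # skip length/EtherType
    if frame[:6] == IEEE_STP:
        return ("ieee-stp", tag_vlan, None)
    if frame[:6] == CISCO_PVST and frame[off:off + 8] == PVST_SNAP:
        tlv = off + 8 + 35 + 1
        if len(frame) >= tlv + 6:
            t, length, pvid = struct.unpack_from("!HHH", frame, tlv)
            if (t, length) == (0, 2):
                return ("pvst+", tag_vlan, pvid)
        return ("pvst+", tag_vlan, None)
    return ("data", tag_vlan, None)


def bridge_should_drop(frame):
    """Filter policy: spanning-tree BPDUs are never forwarded between members."""
    return inspect(frame)[0] != "data"


def pvid_inconsistent(frame):
    """True when a PVST+ BPDU carries a different VLAN in its TLV than in its tag."""
    kind, tag_vlan, origin = inspect(frame)
    return kind == "pvst+" and origin is not None and tag_vlan != origin
```

Passing `rebridge(build_pvst_frame(20, 20), 10)` to `pvid_inconsistent` returns `True`, the mismatch between tag and originating VLAN that the `RECV_PVID_ERR` message reports, while `bridge_should_drop` marks the same frame as one the bridge should not have forwarded.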