Fwd: 801.Q VLAN questions (potential bug?)

From: emil (emilholt_at_gmail.com)
Date: 07/24/04

  • Next message: Matthew Seaman: "Re: Installing php4" 
    Date: Sat, 24 Jul 2004 12:32:10 +0200
To: freebsd-questions@freebsd.org

    I don't know if this is more of a -hackers question or not, but I've
    come across something weird when trying to resolve the problem stated
    below;
    There's actually one single frame being sent across the network with a
    valid dot1q vlan tag,
    and that is being transmitted when a client signs on to the WLAN.
    Then all following traffic shows up as without any vlan tags.
    Is this a bug with IOS/FreeBSD 5.2.1 or just some other weirdness?

    regards
    /emil

    ---------- Forwarded message ----------
    From: emil <emilholt@gmail.com>
    Date: Fri, 23 Jul 2004 13:47:39 +0200
    Subject: 801.Q VLAN questions
    To: freebsd-questions@freebsd.org

    Hello,
    I'm currently in the middle of setting up a couple of Cisco Aironet
    1100 802.11b/g access points.
    I've configured the APs so that they tag ethernet frames depending on
    what SSID is being used by the WLAN users.
    (One public and one private SSID).
    Behind the APs I've set up a FreeBSD 5.2.1p9 box with pf
    (/usr/ports/security/pf) installed.

    The FBSD machine currently has 3 intel (fxp) ethernet interfaces:
    fxp0, management interface.
    fxp1 interface connected to a small dumb switch which the APs are
    hooked up to, currently no IP adress configured.
    fxp2 interface connected to the "net", currently no IP adress configured.

    Then I also have 2 vlan interfaces with the respective VLAN ID's set,
    they use fxp1 as their parent interface.

    What I want to do is to bridge fxp1 and fxp2 and then have pf filter
    the traffic on the vlans.

    However, the FBSD machine seems to completely ignore the 802.1Q tags,
    and not separate the traffic coming to fxp1.

    So does the hive mind have any ideas of what to do?

    TIA
    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

  • Next message: Matthew Seaman: "Re: Installing php4"

    Relevant Pages

    • Fwd: 801.Q VLAN questions (potential bug?)
      ... valid dot1q vlan tag, ... Then all following traffic shows up as without any vlan tags. ... fxp0, management interface. ... they use fxp1 as their parent interface. ...
      (freebsd-hackers)
    • Cisco 877w: Fa0-3 Interfaces up but no traffic passes
      ... Data Vlan101 only, no voice vlan required, WPA ... output errors, 0 collisions, 0 interface resets ... switchport trunk native vlan 101 ... bridge-group 101 subscriber-loop-control ...
      (comp.dcom.sys.cisco)
    • Re: Need help adding device to new vlan
      ... The vlan 99 ... - If I assign an ip address to the vlan 199 interface, ... switchport trunk encapsulation dot1q ... switchport trunk allowed vlan 40,51,99,199,997,998 ...
      (comp.dcom.sys.cisco)
    • Re: 2600 router + 2924 switch and vlans
      ... I can route from a port ... assigned to the def vlan, but not from any port assigned to vlan 2 ... interface FastEthernet0/0 ... switchport trunk encapsulation isl ...
      (comp.dcom.sys.cisco)
    • Need help adding device to new vlan
      ... The vlan 99 ... - If I assign an ip address to the vlan 199 interface, ... switchport trunk allowed vlan 40,51,99,199,997,998 ... no ip proxy-arp ...
      (comp.dcom.sys.cisco)