Suggesting for fixing VLAN bridging the right way
Doug Ambrisko
ambrisko at ambrisko.com
Thu Jul 3 13:11:32 PDT 2003
I'm trying to bridge VLAN traffic to network that doesn't have that VLAN,
something like:
(vlan network) -> fxp0 -> vlan0 <- FreeBSD bridge -> rl0 (no tag)
Both of the networks are the same except one side is tagged the other
has no tag.
It works fine in the "no tag" -> "tag" direction. It fails in the
"tag" -> "no tag" direction since ether_demux we bail out on this
check:
if (!(BDG_ACTIVE(ifp))) {
/*
* Discard packet if upper layers shouldn't see it because it
* was unicast to a different Ethernet address. If the driver
* is working properly, then this situation can only happen
* when the interface is in promiscuous mode.
*/
if ((ifp->if_flags & IFF_PROMISC) != 0
&& (eh->ether_dhost[0] & 1) == 0
&& bcmp(eh->ether_dhost,
IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0
&& (ifp->if_flags & IFF_PPROMISC) == 0) {
m_freem(m);
return;
}
}
since it doesn't consider VLAN tagged packets coming in the headers
won't match this paradigm so the packets get through out. I did a quick
hack and changed it to:
if (!(BDG_ACTIVE(ifp))) {
/*
* Discard packet if upper layers shouldn't see it because it
* was unicast to a different Ethernet address. If the driver
* is working properly, then this situation can only happen
* when the interface is in promiscuous mode.
*/
if ((ifp->if_flags & IFF_PROMISC) != 0
&& (eh->ether_dhost[0] & 1) == 0
&& bcmp(eh->ether_dhost,
IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0
&& (ifp->if_flags & IFF_PPROMISC) == 0) {
/*
* Let VLAN packets go to the SW VLAN node needed for
* bridging
*/
if (! (vlan_input_p != NULL
&& ntohs(eh->ether_type) == ETHERTYPE_VLAN )) {
m_freem(m);
return;
}
}
}
That makes it work. I rather doubt this is the right solution.
Suggestions greatly appreciated. This issue is in -current and -stable.
Thanks,
Doug A.
More information about the freebsd-net
mailing list