problem with vlan interfaces tagging/untagging in a simulated switch box

Peter Jeremy peterjeremy at acm.org
Tue Mar 6 07:46:59 UTC 2012 

On 2012-Mar-06 09:15:57 +0330, h bagade <bagadeh at gmail.com> wrote:
>On 3/6/12, Peter Jeremy <peterjeremy at acm.org> wrote:
>> The following example diagram shows 3 distinct packet flows:
>> - packets tagged 5 in trunk1 and 6 in trunk0
>> - packets tagged 7 in trunk1 and 9 in trunk0
>> - packets tagged 8 in trunk0 and 10 in trunk2
>>
>>                  +-- vlan5 --- bridge1 --- vlan6 --+
>>                  |                                 |
>> trunk1 --- eth1 -+-  vlan7 --- bridge2 --- vlan9 --+-- eth0 --- trunk0
>>                                                    |
>>                                bridge3 --- vlan8 --+
>>                                   |
>>              trunk2 -- eth2 --- vlan10
>>
>I've described the function of Cisco switches in vlan
>tagging/untagging.

Real switches typically have everything tagged internally, with the
native VLAN tags added/removed at the ingress/egress ports.  This
simplifies the internal switch logic (at the expense of meaning that
tags have to be consistent across all trunks).

FreeBSD works differently.  Packets are _untagged_ internally and you
need a separate bridge(4) device for each broadcast domain (vlan).

> In your topology, packets should be tagged when
>recieved on real interfaces to be send out to vlan interfaces.

Packets are never tagged by real interfaces and always have tags
added/removed by vlan devices.

> It
>would be fine when two trunks are communicating because on both side
>packets are tagged. But as I mentioned before, Cisco switches receive
>packets on an interface untagged and then sending packets tagged out
>of trunk port, based on which interface it receives,

You can connect a physical interface (ethX) directly to a bridge device
to access untagged packets.  Note that I'm not sure whether it is safe
to access the native VLAN in a trunk in this way.

To continue the above example,
ifconfig bridge1 addm eth3
would result in packets arriving on eth3 leaving tagged as vlan 5 in
trunk1, vlan 6 in trunk0 and vice versa.

-- 
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20120306/7b14756a/attachment.pgp

More information about the freebsd-net mailing list