problem with vlan interfaces tagging/untagging in a simulated switch box

Sun Mar 11 06:50:13 UTC 2012

let me explain my problem with this type of topology when I want to
simulate a switch like cisco


eth1 -+ --- bridge1 --- vlan9 --+-- eth0 --- trunk0
                                                                         |
                  eth2 -+ --- bridge2 --- vlan8 --+

On 3/6/12, Peter Jeremy <peterjeremy at acm.org> wrote:
> On 2012-Mar-06 09:15:57 +0330, h bagade <bagadeh at gmail.com> wrote:
>>On 3/6/12, Peter Jeremy <peterjeremy at acm.org> wrote:
>>> The following example diagram shows 3 distinct packet flows:
>>> - packets tagged 5 in trunk1 and 6 in trunk0
>>> - packets tagged 7 in trunk1 and 9 in trunk0
>>> - packets tagged 8 in trunk0 and 10 in trunk2
>>>
>>>                  +-- vlan5 --- bridge1 --- vlan6 --+
>>>                  |                                 |
>>> trunk1 --- eth1 -+-  vlan7 --- bridge2 --- vlan9 --+-- eth0 --- trunk0
>>>                                                    |
>>>                                bridge3 --- vlan8 --+
>>>                                   |
>>>              trunk2 -- eth2 --- vlan10
>>>
>>I've described the function of Cisco switches in vlan
>>tagging/untagging.
>
> Real switches typically have everything tagged internally, with the
> native VLAN tags added/removed at the ingress/egress ports.  This
> simplifies the internal switch logic (at the expense of meaning that
> tags have to be consistent across all trunks).
>
> FreeBSD works differently.  Packets are _untagged_ internally and you
> need a separate bridge(4) device for each broadcast domain (vlan).
>
>> In your topology, packets should be tagged when
>>recieved on real interfaces to be send out to vlan interfaces.
>
> Packets are never tagged by real interfaces and always have tags
> added/removed by vlan devices.
>
>> It
>>would be fine when two trunks are communicating because on both side
>>packets are tagged. But as I mentioned before, Cisco switches receive
>>packets on an interface untagged and then sending packets tagged out
>>of trunk port, based on which interface it receives,
>
> You can connect a physical interface (ethX) directly to a bridge device
> to access untagged packets.  Note that I'm not sure whether it is safe
> to access the native VLAN in a trunk in this way.
>
> To continue the above example,
> ifconfig bridge1 addm eth3
> would result in packets arriving on eth3 leaving tagged as vlan 5 in
> trunk1, vlan 6 in trunk0 and vice versa.
>
> --
> Peter Jeremy
>