Bridges on VLAN-tagged interfaces.
Kyle Evans
kevans at freebsd.org
Wed May 29 13:52:25 UTC 2019
[I cast level 3 necromancy and revive this thread from the dead]
On Tue, Mar 19, 2019 at 4:02 AM Eric Bautsch <eric.bautsch at pobox.com> wrote:
>
> Hi Patrick.
>
>
> I get that point, but then I have two options only: I somehow convince the BIOS
> to do a network boot over a VLAN for installation - not a capability this BIOS
> appears to have, or I end up creating a whole new VLAN that's either routed or
> has YP, DNS, time and installation servers on it. That's a massive headache....
>
> It'd be much neater if FreeBSD could handle the tagged/untagged traffic. It just
> works (TM) on Solaris and Linux, so I expected it to do the same on FreeBSD... :-(
>
> Surely, there must be a way....
>
This is a product of how vlans and bridges work on FreeBSD, but I
think it doesn't have to be this way. Let's break it down: re0.33 is a
vlan(4) attached to re0. Ordinary traffic coming in on vlan 33 does
this little dance number:
incoming -> re0:ether_input -> ether_demux -> vlan_input -> re0.33:ether_input
Let's mix it up: add re0.33 to a bridge0. Traffic is passed to
potential bridge for processing in ether_input_internal prior to
ether_demux, so you end up with this setup:
incoming -> re0:ether_input -> ether_demux -> vlan_input ->
re0.33:ether_input -> bridge0:bridge_input -> ether_demux
Now let's evolve into our final form. add re0 to bridge1; this is what
I'm most certain is happening
incoming -> re0:ether_input -> bridge1:bridge_input -> bridge_forward
oops. bridge1 grabs the re0 packet before we have a chance to do any
vlan processing. Traffic isn't bound for *this* bridge or any of the
other interfaces, so it will perform the bridge forwarding function
and everything goes off the rails.
This is not an unsolvable problem, though, from a developer
perspective. I think if_bridge(4) simply needs to be taught a little
about if_vlan(4) (needs more hooks...) so that traffic coming in on
re0 with a vlan that matches an if_vlan(4) interface doesn't get
snagged in the wrong bridge too early.
Thanks,
Kyle Evans
More information about the freebsd-net
mailing list