On 2012-Mar-06 09:15:57 +0330, h bagade <baga...@gmail.com> wrote: >On 3/6/12, Peter Jeremy <peterjer...@acm.org> wrote: >> The following example diagram shows 3 distinct packet flows: >> - packets tagged 5 in trunk1 and 6 in trunk0 >> - packets tagged 7 in trunk1 and 9 in trunk0 >> - packets tagged 8 in trunk0 and 10 in trunk2 >> >> +-- vlan5 --- bridge1 --- vlan6 --+ >> | | >> trunk1 --- eth1 -+- vlan7 --- bridge2 --- vlan9 --+-- eth0 --- trunk0 >> | >> bridge3 --- vlan8 --+ >> | >> trunk2 -- eth2 --- vlan10 >> >I've described the function of Cisco switches in vlan >tagging/untagging.
Real switches typically have everything tagged internally, with the native VLAN tags added/removed at the ingress/egress ports. This simplifies the internal switch logic (at the expense of meaning that tags have to be consistent across all trunks). FreeBSD works differently. Packets are _untagged_ internally and you need a separate bridge(4) device for each broadcast domain (vlan). > In your topology, packets should be tagged when >recieved on real interfaces to be send out to vlan interfaces. Packets are never tagged by real interfaces and always have tags added/removed by vlan devices. > It >would be fine when two trunks are communicating because on both side >packets are tagged. But as I mentioned before, Cisco switches receive >packets on an interface untagged and then sending packets tagged out >of trunk port, based on which interface it receives, You can connect a physical interface (ethX) directly to a bridge device to access untagged packets. Note that I'm not sure whether it is safe to access the native VLAN in a trunk in this way. To continue the above example, ifconfig bridge1 addm eth3 would result in packets arriving on eth3 leaving tagged as vlan 5 in trunk1, vlan 6 in trunk0 and vice versa. -- Peter Jeremy
pgphisjpKbXaP.pgp
Description: PGP signature
