Peter Cornelius wrote:
- On my router, why do I have to set the base interface to
promiscuous mode in order to get packets from/to my vlans through? Am
I doing something wrong? Are there any implications of working this

Hm, the promiscuous mode must be needed for the vlan driver.
But you don't have to set it.

I can't think of any implication in a switched ethernet environment.

It is just that every frame received from the cable is offered
to the operating system for further evaluation. In a switched
ethernet environment every frame that will reach your card will
be either:
1) for you.
2) a broadcast frame.
3) a multicast frame.

Things would be very different, if your system was connected to a
hub where a multitude of frames(every frame on the ethernet) would
be interrupting the kernel for no reason.

- On my "server", is there any way to set up individual
"default" routes (to the router) for each of the vlans short of
tucking the ezjails behind the vlan interfaces each into their own
FIB (btw,. has anyone ever done that?)?

Yes, from FreeBSD-7.1 and beyond, there is support
for up to 16 routing tables. Use the setfib command
to select routing table for outgoing connections.
Something like, "setfib 10 jail $JAILOPTSANDARGS",
in the jail case. You have to compile a kernel
with the option ROUTETABLES=n. Read the message for
revision 1.1485 from here:

