Geoff Roberts wrote:
I find I have to give the ext0 interface an IP address in order for routing
and packet filtering to work on the attached VLANs.
This shouldn't be the case. The "ext0" interface should not need an IP
address for the two vlanX interfaces to function correctly. Are you
sure you're setting the vlandev on the child interfaces? Perhaps you
need to force the ext0 interface "up". If em0 is your external/trunk
interface, you should have something like:
ifconfig_vlan0 ="inet X.X.X.X netmask X.X.X.X vlan 0 vlandev em0 up"
ifconfig_vlan1 ="inet X.X.X.X netmask X.X.X.X vlan 1 vlandev em0 up"
After that, you should be able to simply filter on the vlan0 and vlan1
interfaces using pf.
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"