> What type of upstream device is em0 connected to? Is it a simple modem, > (e.g. an ONT) or a router of some sort?
It turned out that the device in the other end needed to be replaced. > Going a bit deeper, to explain my questions above: > 802.1Q VLANs are basically a tag that gets attached to a packet's > header. And it is perfectly possible for both types of packets to > coexist in the same "wire". Some of them might be tagged, some of them > might not. > > When you create a VLAN interface with a physical interface as its parent > (like your vlan101 on em0) you are telling the kernel "pick up all > packets that arrive on this interface and that have this specific tag, > and bring them to me", for incoming traffic, and "take any packet I am > sending out of this interface and attach this VLAN tag to it". > > Sidenote: this can be replicated many times, so you can have multiple > VLANs being handled by different interfaces, with different IPs on > different subnets, etc, all sharing the same wire, while being > segregated (hence the name "virtual LANs"). > > As I said above, tagged and untagged traffic can coexist, and all > untagged packets will still be routed through the physical interface > (em0). > > Routers and some switches can add/remove tags from packets (e.g. you can > tell a switch to do something like "Get all vlan101 traffic from port 1, > strip the tag, and send it out on port 8, untagged. Also, get all > incoming untagged traffic from port 8, and tag it with vlan101", etc). > > > Try bringing both interfaces down, remove their IP addresses (ifconfig > em0 -inet), run: > > tcpdump -ti em0 port \(66 or 67\) > > on a terminal and then bring both interfaces up on a different terminal > and see what comes up. > > As I said above, tagged and untagged traffic coexist on the physical > interface, so VLAN tagged traffic (i.e. packets that you will get on the > vlan101 interface) will show up in lines starting with > > 802.1Q vid 101 pri 1 ... > > and untagged traffic (i.e. packets that will show up on em0) won't have > that. > > > If you are getting an IP on em0, then my guess is that one of two > things might be happening: > > - there is a DHCP server upstream that is OK with getting untagged > traffic, and so your em0 is getting configured through it > > - your upstream device is getting tagged traffic from your ISP, > stripping its tags and sending it to em0 untagged (and the other way > round, for your outgoing traffic). Thank you very very much for this detailed and very useful explanation!
