Thanks for all the hints.
I solved te problem in this way and everything works:
# configure vlan1 (Default) ip interface
ifconfig vr1 172.16.1.254 netmask 255.255.255.0
ifconfig vr2 up
ifconfig vr3 up
# configure VLAN 100 (TAG 100) on physical interfaces use pseudo names
ifconfig vlan1100 vlan 100 vlandev vr1
ifconfig vlan2100 vlan 100 vlandev vr2
ifconfig vlan3100 vlan 100 vlandev vr3
# bridge pseudo vlans together with physical interfaces so that vlans
# is forwarded to all physical ports
ifconfig bridge100 create
ifconfig bridge100 add vlan1100 add vlan2100 add vlan3100 add vr1 add
vr2 add vr3 up
# assign IP addres to vlan1100 (VLAN 100) ip interface
ifconfig vlan1100 inet 172.16.100.254 netmask 255.255.255.0 up
# configure VLAN 101 (TAG 101) on physical interfaces use pseudo names
ifconfig vlan1101 vlan 101 vlandev vr1
ifconfig vlan2101 vlan 101 vlandev vr2
ifconfig vlan3101 vlan 101 vlandev vr3
# bridge pseudo vlans together with physical interfaces so that vlans
# is forwarded to all physical ports
ifconfig bridge101 create
brconfig bridge101 add vlan1101 add vlan2101 add vlan3101 up
# assign IP address to vlan1101 (VLAN 101) ip interface
ifconfig vlan1101 inet 172.16.101.254 netmask 255.255.255.0
# start dhcp
/usr/local/sbin/dhcpd vlan1100 vlan1101
everything works, I can attach a wifi access point to whatever physical
port vr1 vr2 or vr3, and vlans are forwarded to all ports
thank you
Rick
On Fri, 17 Apr 2009, Daniel Ouellet wrote:
RJ45 wrote:
ok thank you for the configuration, but I have one more problem.
aside vlan100 and vlan 101 I need to have i on physical vr1 vr2 vr3
but also the default native vlan (VLAN 1 UNTAGGED) needs to be forwarded to
vr1 vr2 vr3
no I Can only do it adding physical vr1 vr2 vr3 to the bridge, and
after doing this everything is messed up....
Why not? I can add vlan only to bridge as well.
The only part I am not sure is the capability to add loopback to bridge.
Obviously this would need to be tested. If I get some time today I might try
to add a loopback interface to a bridge. I use plenty of loopback interface
for various things and I assume you could put in into a bridge, but I can't
say for sure.
But you sure can put them on the interface anyway, or vlan with an interface
as the parent as I show you before and add it to the bridge.
If loopback can't be use that way then you can put IP on interface via
different vlan, that for sure is possible and then add that vlan to your
bridge.
See here, look at bridge2 is made of vlan only and bridge 1 is mad of
physical interfaces:
# brconfig
bridge1: flags=41<UP,RUNNING>
priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp
dc1 flags=3<LEARNING,DISCOVER>
port 2 ifpriority 0 ifcost 0
dc0 flags=3<LEARNING,DISCOVER>
port 1 ifpriority 0 ifcost 0
Addresses (max cache: 100, timeout: 240):
00:03:ba:4e:6d:aa dc1 0 flags=0<>
00:03:ba:27:56:bf dc1 0 flags=0<>
00:03:ba:0a:36:0c dc1 1 flags=0<>
00:03:ba:0f:e5:03 dc1 0 flags=0<>
00:18:73:53:7e:40 dc1 1 flags=0<>
00:10:e0:00:c7:08 dc1 0 flags=0<>
00:18:73:53:7e:58 dc1 1 flags=0<>
00:03:ba:2b:41:96 dc1 0 flags=0<>
00:03:ba:68:4a:53 dc1 0 flags=0<>
00:03:ba:10:49:85 dc1 1 flags=0<>
00:03:ba:0f:c3:87 dc1 1 flags=0<>
00:03:ba:2a:8b:9c dc1 1 flags=0<>
00:03:ba:0f:e4:35 dc1 1 flags=0<>
00:02:b3:40:db:a1 dc1 1 flags=0<>
00:03:ba:0f:e4:2f dc1 0 flags=0<>
00:03:ba:4e:6d:fc dc1 1 flags=0<>
00:1f:5b:38:fc:30 dc1 1 flags=0<>
00:03:ba:36:5a:9a dc1 0 flags=0<>
00:03:ba:0f:e4:61 dc1 1 flags=0<>
00:09:7c:d6:52:80 dc0 1 flags=0<>
00:0d:28:5e:a7:40 dc1 1 flags=0<>
00:03:ba:0f:e4:1f dc1 1 flags=0<>
bridge2: flags=41<UP,RUNNING>
priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp
vlan1002 flags=3<LEARNING,DISCOVER>
port 5 ifpriority 0 ifcost 0
vlan2 flags=3<LEARNING,DISCOVER>
port 6 ifpriority 0 ifcost 0
Addresses (max cache: 100, timeout: 240):
00:30:94:c4:32:72 vlan1002 0 flags=0<>
00:13:1a:59:1d:c4 vlan1002 1 flags=0<>
00:09:7c:d6:52:80 vlan2 1 flags=0<>
00:18:73:53:7e:58 vlan1002 1 flags=0<>
00:04:f2:02:06:10 vlan1002 1 flags=0<>
00:09:b7:0a:84:ff vlan1002 0 flags=0<>
00:07:eb:6a:a9:39 vlan1002 0 flags=0<>
#
