Re: Configuring VLANs - Why is IP address require on NIC connected to Trunk?
Hi, On Fri, 19 Jun 2009 12:16:18 am Nikos Vassiliadis wrote: > Geoff Roberts wrote: > > I find I have to give the ext0 interface an IP address in order for > > routing and packet filtering to work on the attached VLANs. > > > > a) Is there a way to configure this so that I don't have to give ext0 an > > IP address? > > Yes, you just have to "up" the interface: > ifconfig_em0="up" Thanks to all who responded. I believe marking the interface as up will be the source of the issue. I'll be able to restart the server in a couple of days and verify everything works after a restart. It has been one of those nagging issues that eventually bubbled to the top of the list. Kind regards, Geoff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Configuring VLANs - Why is IP address require on NIC connected to Trunk?
done using ifconfig_em0_name="ext0" in rc.conf. I find I have to give the ext0 interface an IP address in order for routing and packet filtering to work on the attached VLANs. You have to set up IP address to vlans, not main interface. It's the way vlan's work. Having 2 vlan's is like having 2 ethernet cards, while physically having one. switch is responsible to segregate your traffic and connect one "virtual ethernet" to right clients, and second to other clients - exactly how you configured switch. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Configuring VLANs - Why is IP address require on NIC connected to Trunk?
Geoff Roberts wrote: I find I have to give the ext0 interface an IP address in order for routing and packet filtering to work on the attached VLANs. This shouldn't be the case. The "ext0" interface should not need an IP address for the two vlanX interfaces to function correctly. Are you sure you're setting the vlandev on the child interfaces? Perhaps you need to force the ext0 interface "up". If em0 is your external/trunk interface, you should have something like: ifconfig_em0="up" cloned_interfaces="vlan0 vlan1" ifconfig_vlan0 ="inet X.X.X.X netmask X.X.X.X vlan 0 vlandev em0 up" ifconfig_vlan1 ="inet X.X.X.X netmask X.X.X.X vlan 1 vlandev em0 up" After that, you should be able to simply filter on the vlan0 and vlan1 interfaces using pf. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Configuring VLANs - Why is IP address require on NIC connected to Trunk?
Geoff Roberts wrote: I find I have to give the ext0 interface an IP address in order for routing and packet filtering to work on the attached VLANs. a) Is there a way to configure this so that I don't have to give ext0 an IP address? Yes, you just have to "up" the interface: ifconfig_em0="up" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Configuring VLANs - Why is IP address require on NIC connected to Trunk?
Hi, I am currently using FreeBSD 7.2 - although the configuration below was originally configured on FreeBSD 7.0. I have a working VLAN configuration - two VLANS on one interface. Let's call the interface ext0 and the VLANS bound to this interface vlan0 and vlan1 The interface ext0 is actually a symbolic name for the real interface (NIC) - done using ifconfig_em0_name="ext0" in rc.conf. I find I have to give the ext0 interface an IP address in order for routing and packet filtering to work on the attached VLANs. a) Is there a way to configure this so that I don't have to give ext0 an IP address? In reality ext0 actually does nothing and has no traffic directed to or from it. I would much rather have ext0 without an IP address, as then I don't have to worry about firewall rules etc. b) If I do have to give the ext0 interface an IP address are there any general standards on IP address and mask to specify? c) Should I also specify firewall rules in pf such as the following or will these rules cause other things to break. block in on ext0 from any to (ext0) block out on ext0 from (ext0) to any Kind regards, Geoff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
