On 2/24/07, Gergo Szakal <[EMAIL PROTECTED]> wrote:
On Sat, 24 Feb 2007 12:14:33 +0800
"Sepherosa Ziehau" <[EMAIL PROTECTED]> wrote:
Many thanks for your quick help again, Sephe.
> ifconfig iface0 up
> ifconfig vlan0 create
> ifconfig vlan0 vlan your_tag vlandev iface0
> # assign inet and netmask to vlan0
>
Quite straightforward, but still asking: I have to do this on all my
interfaces, right?
For all the interfaces which will be on vlan. You can create multi
vlan on one physical iface, if that's what you meant.
Oh, and if I do packetfiltering, I still have to do that on the physical
interface, right?
No quite familiar with pf. ALTQ setting should be applied to physical
iface, while rest of the rules _may_ be applied to vlan iface.
Do I have to 'addm' the vlan interfaces to bridge0, or the physical interfaces?
Add vlan iface to bridge, after applying following patch:
http://leaf.dragonflybsd.org/~sephe/vlan_promisc.diff
> If vlan tag mismatches for vlan packets, these vlan packets will be
> dropped, but if you are not using hardware vlan tagging, you can grab
> the to-be-dropped vlan packets using tcpdump.
>
OK, thanks. Will this method work with every kind of NIC (i. e. no hardware
support is needed)?
Hardware vlan tagging support is not mandatory.
Best Regards,
sephe
--
Live Free or Die
