VLAN help needed

Sepherosa Ziehau sepherosa at gmail.com
Sat Feb 24 00:20:23 PST 2007


On 2/24/07, Gergo Szakal <bastyaelvtars at gmail.com> wrote:
On Sat, 24 Feb 2007 12:14:33 +0800
"Sepherosa Ziehau" <sepherosa at gmail.com> wrote:
Many thanks for your quick help again, Sephe.

> ifconfig iface0 up
> ifconfig vlan0 create
> ifconfig vlan0 vlan your_tag vlandev iface0
> # assign inet and netmask to vlan0
>
Quite straightforward, but still asking: I have to do this on all my interfaces, right?
For all the interfaces which will be on vlan.  You can create multi
vlan on one physical iface, if that's what you meant.
Oh, and if I do packetfiltering, I still have to do that on the physical interface, right?
No quite familiar with pf.  ALTQ setting should be applied to physical
iface, while rest of the rules _may_ be applied to vlan iface.
Do I have to 'addm' the vlan interfaces to bridge0, or the physical interfaces?
Add vlan iface to bridge, after applying following patch:
http://leaf.dragonflybsd.org/~sephe/vlan_promisc.diff
> If vlan tag mismatches for vlan packets, these vlan packets will be
> dropped, but if you are not using hardware vlan tagging, you can grab
> the to-be-dropped vlan packets using tcpdump.
>
OK, thanks. Will this method work with every kind of NIC (i. e. no hardware support is needed)?
Hardware vlan tagging support is not mandatory.

Best Regards,
sephe
--
Live Free or Die




More information about the Users mailing list