Date: Mon, 19 Dec 2011 11:47:36 -0500 From: John Nielsen <lists@jnielsen.net> To: saeedeh motlagh <saeedeh.motlagh@gmail.com>, freebsd-net@freebsd.org Subject: Re: vlan without ip address Message-ID: <3D195FF7-50F1-4955-9D27-CA249FC157E0@jnielsen.net> In-Reply-To: <CAN%2BS=WBenp6k9=qQjvdrPDqjdT3z%2BS2t5o9xyzVteDS28gBnpg@mail.gmail.com> References: <CAN%2BS=WDLmHuP=V616rtO7mnuzEgOt5GuYMZ4SsxgCWYdUF007g@mail.gmail.com> <CACVs6=-N5%2BL-8Q00sC_hgo=DBYudHT0a%2BQCykAzbiesOyNZZAw@mail.gmail.com> <CAN%2BS=WDd%2BRzhYcMYQCysxuMX5wM5iazw-fBY-W3RPppc3QhRYQ@mail.gmail.com> <CALoU1UMsjMLaXivejT3%2BCmd7XyvkMtmuy6H75PJASuyYjqXDwg@mail.gmail.com> <CAN%2BS=WDXBgfevY5U8LEY3iyssOt385Jps-7D0ijHPU9RZ2VbWQ@mail.gmail.com> <CABk4_A4YG=H9=v4s9u%2BgXtQUqnmmRQVvCcryFJ%2BaL6bNou-7fg@mail.gmail.com> <CAN%2BS=WBenp6k9=qQjvdrPDqjdT3z%2BS2t5o9xyzVteDS28gBnpg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 19, 2011, at 12:52 AM, saeedeh motlagh wrote: > you're right but we can't assign tow parent interface to one vlan in > freebsd therefore i define two vlans with the one vlan id. > although we can do it by blow command but it's not work too: > ifconfig gbeth0.10 create > ifconfig msk0.10 create > ifconfig > gbeth0.10: flags=3D8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 = mtu 1500 > options=3D3<RXCSUM,TXCSUM> > ether 00:27:0e:03:4b:2f > media: Ethernet autoselect (1000baseT <full-duplex>) > status: active > vlan: 10 parent interface: gbeth0 > msk0.10: flags=3D8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 = mtu 1500 > options=3D100<TSO4> > ether 00:30:4f:63:5a:bc > media: Ethernet autoselect (none) > status: active > vlan: 10 parent interface: msk0 >=20 > you know when i define vlans with ip addressess they work as i = expected but > i want to know if i can define vlan without ip address as the switch > beacuse i wanna configure a freebsd box as a real switch in my = network. > maybe it's impossible to do that :( Take a few minutes to think out (and describe to us in detail if you = really want useful input) your network topology. What interfaces do you = have on the FreeBSD machine and what are they connected to? Which = interfaces should carry tagged traffic? Which interfaces should carry = untagged traffic? How many VLAN's exist? Which ones does the FreeBSD = machine care about? (i.e. which ones will it be tagging/untagging for?) = Traffic for other VLAN's can pass through the box but you don't need to = create VLAN interfaces for them. You need VLAN interfaces only for those = VLAN's where: The FreeBSD box itself should communicate on one or more = specific VLAN's (and/or provide services, etc) -OR- The FreeBSD box is sending/receiving untagged traffic on one or = more interfaces and should untag/tag it as needed for other hosts. Once you've got that figured out, configure your bridges and VLANs as = follows: Any physical interface that carries traffic for multiple VLAN's should = be considered a "trunk" port. Traffic on trunk ports is tagged. If you only have one trunk port, it shouldn't be in a bridge at all. If = you have more than one, all of your trunk ports should be members of a = single bridge (the "real" parent interfaces). If you don't want the FreeBSD box to do any tagging/untagging then = you're done. However it sounds like that is not the case.. Now create VLAN interfaces off of the trunk bridge (or interface if just = one) for only those VLAN's this machine cares about. For each VLAN that should do tagging/untagging for a physical interface, = create a NEW bridge device. Add to the bridge the untagged physical = interface(s) and the appropriate VLAN interface from the trunk. If the FreeBSD box itself needs to communicate on one or more specific = VLAN's, configure it to do so using the bridge device created for that = VLAN (if any) or the appropriate VLAN sub-interface of the trunk bridge = (if not shared with any untagged physical interfaces). In short, you should only have ONE trunk device, whether it's a bridge = or a single interface. You don't need to create a VLAN interface for = VLAN's this machine doesn't care about. ALL of the VLAN sub-interfaces = you do create should be children of the trunk device. VLAN's that have = untagged interfaces should be in their own bridges with those = interfaces. HTH, JN > On Sun, Dec 18, 2011 at 10:52 PM, Alexander Lunev <sol289@gmail.com> = wrote: >=20 >> first of all, you should name and number you vlan same, if it's = clan10 >> on the one side, then it's vlan10 on the other side and in betweeen. >> then (though you have to do it first of all), you should understand >> how vlan's work, and after that connect ports to each other according >> to your scheme. >>=20 >>=20 >> -- >> your sweet isn't ready yet >>=20 >>=20 >>=20 >> On Sun, Dec 18, 2011 at 10:01 AM, saeedeh motlagh >> <saeedeh.motlagh@gmail.com> wrote: >>> i have 3 freebsd system: 0.28 , 0.25 and 0.12 which 28 is assumed to = be >>> switch here. one interface of 28 is connected to 25 and the other >> interface >>> of 28 is connected to 12. as mentioned below, i've defined two = vlan10 and >>> 11 with the same vlan id on the 28 and bridge them. >>> now i can't ping 0.25 from 0.12. what's wrong here? should i define >> vlan10 >>> on 12 and 25? >>> please tell me if i'm misunderstanding. >>> this is the ifconfig for 0.28: >>> vlan10: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> >> metric 0 >>> mtu 1500 >>> options=3D3<RXCSUM,TXCSUM> >>> ether 00:27:0e:03:4b:2f >>> media: Ethernet autoselect (1000baseT <full-duplex>) >>> status: active >>> vlan: 10 parent interface: gbeth0 >>> vlan11: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> >> metric 0 >>> mtu 1500 >>> options=3D100<TSO4> >>> ether 00:30:4f:63:5a:bc >>> media: Ethernet autoselect (none) >>> status: active >>> vlan: 10 parent interface: msk0 >>> bridge0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric = 0 mtu >>> 1500 >>> ether d6:c4:f6:0f:5e:4f >>> id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 >>> maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200 >>> root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 >>> member: vlan11 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> >>> ifmaxaddr 0 port 6 priority 128 path cost 55 >>> member: vlan10 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> >>> ifmaxaddr 0 port 5 priority 128 path cost 20000 >>>=20 >>>=20 >>> On Sat, Dec 17, 2011 at 8:47 PM, Alireza Torabi < >> alireza.torabi@gmail.com>wrote: >>>=20 >>>> =D9=8EAlso it's a good idea to to attach a ifconfig output. >>>>=20 >>>> On 12/17/11, saeedeh motlagh <saeedeh.motlagh@gmail.com> wrote: >>>>> when i do that, the vlan is defined but from a system in a vlan, i >> can't >>>>> ping the other one which is in the same vlan. so i think that the >> vlan is >>>>> not working. am i right? >>>>>=20 >>>>> On Sat, Dec 17, 2011 at 1:15 PM, Juli Mallett = <jmallett@freebsd.org> >>>> wrote: >>>>>=20 >>>>>> You probably just need to do ifconfig vlanxxx up instead of >> assigning an >>>>>> IP. >>>>>>=20 >>>>>> On Sat, Dec 17, 2011 at 00:08, saeedeh motlagh >>>>>> <saeedeh.motlagh@gmail.com> wrote: >>>>>>> hi every body >>>>>>>=20 >>>>>>> i wanna configure a freebsd box as a switch. in order to do = that, i >>>>>> bridged >>>>>>> all my interfaces to have switching and it works fine. after = that i >>>> want >>>>>> to >>>>>>> have vlans on it. as you know, in a real switch, a vlan is >> configured >>>>>> just >>>>>>> by assigning a port to it without any additional configuration = and >>>> vlans >>>>>>> are submitted just by name. but in freebsd a vlan just works = when >> it >>>> has >>>>>> an >>>>>>> ip address (i think). when i define vlan121 on two freebsd = systems >>>> with >>>>>> ip >>>>>>> address it works fine but without ip address i don't know how it >>>> should >>>>>> be >>>>>>> worked. >>>>>>>=20 >>>>>>> can sombody tell me if it is possible to simulate vlans in = freebsd >> as >>>>>> they >>>>>>> are in a real switch? i mean can we have vlans without ip = addresses >>>>>>> which >>>>>>> works fine? maybe some kind of vlan which works by MAc address. = is >> it >>>>>>> possible? >>>>>>> it's so necessary for me to do that:( >>>>>>>=20 >>>>>>> yours, >>>>>>> motlagh >>>>>>> _______________________________________________ >>>>>>> freebsd-net@freebsd.org mailing list >>>>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net >>>>>>> To unsubscribe, send any mail to " >> freebsd-net-unsubscribe@freebsd.org >>>> " >>>>>>=20 >>>>> _______________________________________________ >>>>> freebsd-net@freebsd.org mailing list >>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-net >>>>> To unsubscribe, send any mail to = "freebsd-net-unsubscribe@freebsd.org >> " >>>>>=20 >>>>=20 >>> _______________________________________________ >>> freebsd-net@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-net >>> To unsubscribe, send any mail to = "freebsd-net-unsubscribe@freebsd.org" >>=20 > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D195FF7-50F1-4955-9D27-CA249FC157E0>