Date: Wed, 18 Mar 2009 22:14:16 +0100 From: "Peter Cornelius" <pcc@gmx.net> To: Nikos Vassiliadis <nvass9573@gmx.com> Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD Networking Questions / vlan, lagg, routing, FIBs, ezjail Message-ID: <20090318211416.62510@gmx.net> In-Reply-To: <49BF674C.80209@gmx.com> References: <20090315163416.257870@gmx.net> <49BF674C.80209@gmx.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hiya Nikos, re list, > Hm, the promiscuous mode must be needed for the vlan driver. > But you don't have to set it. It does not work without, at the router end. Suspicions, please see below. > I can't think of any implication in a switched ethernet environment. > > It is just that every frame received from the cable is offered > to the operating system for further evaluation. In a switched > ethernet environment every frame that will reach your card will > be either: > 1) for you. > 2) a broadcast frame. > 3) a multicast frame. And hence there should be no (notable) effect. That is my interpretation, yes. > Things would be very different, if your system was connected to a > hub where a multitude of frames(every frame on the ethernet) would > be interrupting the kernel for no reason. Exactly. But I connect to a switch and hence expect the behaviour detailed above. Now, it is my suspicion that the apparent need for promisc at the router end indeed is an apperent one and not really the router's fault but rather the other end's. The other end, in this case, is the server below. If the server, with its single MIB, default-routes its packets through one specific of its vlans which may not be the one, at the router's end, with the corresponding IP network the traffic entered into the net, would it be possible that there's something preventing them be received? Unless there's promisc on, of course... I'll grab the laptop next time I think of it and have the switch monitor traffic to it to see what really is on the wire, maybe that helps and gives me a clue. I just keep forgetting the bl**dy thing each time I leave... > - On my "server", is there any way to set up individual > > "default" routes (to the router) for each of the vlans short of > > tucking the ezjails behind the vlan interfaces each into their own > > FIB (btw,. has anyone ever done that?)? > > Yes, from FreeBSD-7.1 and beyond, there is support > for up to 16 routing tables. Use the setfib command > to select routing table for outgoing connections. So, I interpret your response as that I am correct, I have a single default route per FIB, and that's it. Which effectively means that I do need FIBs. I agree that this behaviour might make some sense :) > Something like, "setfib 10 jail $JAILOPTSANDARGS", > in the jail case. You have to compile a kernel > with the option ROUTETABLES=n. Read the message for > revision 1.1485 from here: > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/conf/NOTES I have seen that section as a separate posting [1] which is why I suspected to possibly be able to resolve my issues above with it. It is my intention to insert 4 to 8 FIBs asap but I currently don't know when I take my time doing so. Generally speaking, or rather, inquiring, has anyone ever done FIBs with ezjail? It probably is very easy, and I consider(ed) looking into it myself but I currently spend about max. an hour every 2-3 days on FreeBSE so I don't really progress. Well, might eventually, but that'll be dunno when. But well, such is life, and this is pleasure not work :) and I hope to learn something useful on the way. Thanks a lot, and All the best, Peter. [1] http://lists.freebsd.org/pipermail/freebsd-arch/2007-December/007331.html -- Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger01
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090318211416.62510>