From owner-freebsd-questions@FreeBSD.ORG Sat Mar 28 18:29:07 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5E4A8106564A for ; Sat, 28 Mar 2009 18:29:07 +0000 (UTC) (envelope-from pcc@gmx.net) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.freebsd.org (Postfix) with SMTP id 4BED08FC0C for ; Sat, 28 Mar 2009 18:29:06 +0000 (UTC) (envelope-from pcc@gmx.net) Received: (qmail 28855 invoked by uid 0); 28 Mar 2009 18:29:04 -0000 Received: from 84.163.243.195 by www159.gmx.net with HTTP; Sat, 28 Mar 2009 19:29:04 +0100 (CET) Content-Type: text/plain; charset="iso-8859-1" Date: Sat, 28 Mar 2009 19:29:04 +0100 From: "Peter Cornelius" In-Reply-To: <20090318211416.62510@gmx.net> Message-ID: <20090328182904.227120@gmx.net> MIME-Version: 1.0 References: <20090315163416.257870@gmx.net> <49BF674C.80209@gmx.com> <20090318211416.62510@gmx.net> To: freebsd-questions@freebsd.org X-Authenticated: #491680 X-Flags: 0001 X-Mailer: WWW-Mail 6100 (Global Message Exchange) X-Priority: 5 X-Provags-ID: V01U2FsdGVkX19JhOYIDxNJYOFHO0j88MPDEhD7qsyaLwNAyuhee9 vmUOAnILN/3YkdOEzt3U7rqOa1MA3Q+ngElw== Content-Transfer-Encoding: 8bit X-GMX-UID: SVT4APAfQEV/FZe2bnVptBpCNzg2NUJh X-FuHaFi: 0.52 Subject: Re: FreeBSD Networking Questions / vlan, lagg, routing, FIBs, ezjail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Mar 2009 18:29:07 -0000 > Now, it is my suspicion that the apparent need for promisc at the router > end indeed is an apperent one and not really the router's fault but rather > the other end's. The other end, in this case, is the server below. > > If the server, with its single MIB, default-routes its packets through one > specific of its vlans which may not be the one, at the router's end, with > the corresponding IP network the traffic entered into the net, would it be > possible that there's something preventing them be received? Unless there's > promisc on, of course... > > I'll grab the laptop next time I think of it and have the switch monitor > traffic to it to see what really is on the wire, maybe that helps and gives > me a clue. I just keep forgetting the bl**dy thing each time I leave... Ok, after a good portion of fiddling with the switch, it seems that you cannot copy traffic from link-aggregated ports to a monitor port on a Linksys SRW2016. Now out at my wits end here it seems. I'll try the FIB approach hopefully next week then. > > - On my "server", is there any way to set up individual > > > "default" routes (to the router) for each of the vlans short of > > > tucking the ezjails behind the vlan interfaces each into their own > > > FIB (btw,. has anyone ever done that?)? > > > > Yes, from FreeBSD-7.1 and beyond, there is support > > for up to 16 routing tables. Use the setfib command > > to select routing table for outgoing connections. > > So, I interpret your response as that I am correct, I have a single > default route per FIB, and that's it. Which effectively means that I do need > FIBs. I agree that this behaviour might make some sense :) > > > Something like, "setfib 10 jail $JAILOPTSANDARGS", > > in the jail case. You have to compile a kernel > > with the option ROUTETABLES=n. Read the message for > > revision 1.1485 from here: > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/conf/NOTES > (...) > Generally speaking, or rather, inquiring, has anyone ever done FIBs with > ezjail? It probably is very easy, and I consider(ed) looking into it myself > but I currently spend about max. an hour every 2-3 days on FreeBSE so I > don't really progress. Well, might eventually, but that'll be dunno when. But > well, such is life, and this is pleasure not work :) and I hope to learn > something useful on the way. (...) > [1] > http://lists.freebsd.org/pipermail/freebsd-arch/2007-December/007331.html Regards, Peter. -- Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger01