Date: Fri, 20 Aug 2010 13:11:48 -0400 From: Mike Tancsa <mike@sentex.net> To: xavier.humbert@groumpf.org (Xavier HUMBERT), freebsd-net@freebsd.org Subject: Re: Inter-vlan routing problem Message-ID: <201008201711.o7KHBnfT011714@lava.sentex.ca> In-Reply-To: <1jnj9gh.1ni0waznzbr5yM%xavier.humbert@groumpf.org> References: <1jnj9gh.1ni0waznzbr5yM%xavier.humbert@groumpf.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 11:52 AM 8/20/2010, Xavier HUMBERT wrote:
>vlan3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
> description: Chateau
> options=3<RXCSUM,TXCSUM>
> ether 00:e0:81:2d:62:3e
> inet 10.75.2.251 netmask 0xffffff00 broadcast 10.75.2.255
> media: Ethernet autoselect (1000baseT <full-duplex>)
> status: active
> vlan: 30 parent interface: bge0
>vlan4: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
> description: VoIP
> options=3<RXCSUM,TXCSUM>
> ether 00:e0:81:2d:62:3e
> inet 10.75.3.251 netmask 0xffffff00 broadcast 10.75.3.255
> media: Ethernet autoselect (1000baseT <full-duplex>)
> status: active
> vlan: 100 parent interface: bge0
>
>
>Destination Gateway Flags Refs Use Netif Expire
>default 10.75.2.1 UGS 0 13742 vlan3
>192.168.1.0/24 link#9 U 5 234765 vlan0
>172.16.214.0/24 link#10 U 4 395054 vlan1
>192.168.0.0/24 link#11 U 1 4659 vlan2
>10.75.2.0/24 link#12 U 0 3361 vlan3
>10.75.3.0/24 link#13 U 0 2716 vlan4
>------------------------------------------------------------------------
>
>The problem is that, from the gateway itself, I can "see" all devices on all
>vlans (nmap proves this). But from my station (which is on the vlan
>#10), I can
>access on my own vlan, and the default vlan #1. A ping or traceroute
>to another
>machine - I tried the defaul_router, which as you can see is on vlan #30 -
>fails miserably. Tcpdump is not very helpful :
>
>------------------------------------------------------------------------
>[xavier@imac-xav ~]$ traceroute 10.75.2.1
>traceroute to 10.75.2.1 (10.75.2.1), 64 hops max, 52 byte packets
> 1 gateway (172.16.214.251) 0.697 ms 0.227 ms 0.245 ms
> 2 * * *
I dont understand, why is 10.75.2.1 going out your default interface
? It should look for packets on the same subnet that the vlan3 interface is on
Can you do an
arp -na
and
netstat -Wnra
On the nortel switch, are you sure you have it on the equiv of a
"trunk" port? Is there a way to see what MAC addresses the switch
sees as part of what VLAN ?
>Is the bad cksum relevant ?
Not necessarily. It might be due to the chksum offloading of the NIC driver.
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201008201711.o7KHBnfT011714>