From owner-freebsd-hackers  Sat Apr 20  9:17:56 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75])
	by hub.freebsd.org (Postfix) with ESMTP
	id A424937B404; Sat, 20 Apr 2002 09:17:50 -0700 (PDT)
Received: (from brdavis@localhost)
	by odin.ac.hmc.edu (8.11.0/8.11.0) id g3KGHXG23172;
	Sat, 20 Apr 2002 09:17:33 -0700
Date: Sat, 20 Apr 2002 09:17:33 -0700
From: Brooks Davis <brooks@one-eyed-alien.net>
To: Julian Elischer <julian@elischer.org>
Cc: Doug Ambrisko <ambrisko@ambrisko.com>,
	Archie Cobbs <archie@dellroad.org>,
	Terry Lambert <tlambert2@mindspring.com>,
	"Peter J. Blok" <Peter.Blok@inter.NL.net>,
	freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG
Subject: Re: vlan traffic over ipsec tunnel
Message-ID: <20020420091733.A21119@Odin.AC.HMC.Edu>
References: <200204192001.g3JK1q748470@ambrisko.com> <Pine.BSF.4.21.0204191316370.8266-100000@InterJet.elischer.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="FCuugMFkClbJLl1L"
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <Pine.BSF.4.21.0204191316370.8266-100000@InterJet.elischer.org>; from julian@elischer.org on Fri, Apr 19, 2002 at 01:18:16PM -0700
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG


--FCuugMFkClbJLl1L
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Apr 19, 2002 at 01:18:16PM -0700, Julian Elischer wrote:
> failing that, I have just had "contributed"
> some code that produces an actual "vlan" netgraph node.
> You attach it to the ethernet node.. I'm still
> reading it to work out what it does..

One thing worth noting.  I'm pretty sure that a netgraph vlan node is
going to have all sorts of trouble with cards that support hardware vlan
decoding (that's most of the gigabit Ethernet cards).  The problem is that
vlan'd frames won't make it to ether_input at all.  I believe the correct
solution is to implement a nic capability which can be used to turn this
support on and off like we're supposed to be able to do for hardware
checksuming.  Alternativly, the current driver code could be modified
to fake up a vlan header and then call ether_input with the packet when
the vlan driver isn't loaded (it currently discards the packet.)  There
may even be something to be said for doing both.

-- Brooks

--=20
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4

--FCuugMFkClbJLl1L
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8wZScXY6L6fI4GtQRApryAJ9UXW1TonFjTFQXAtgvVOPsPcsKWACg0LQv
UeWvKfjCkNOGbZRWkxQuCd4=
=1kjn
-----END PGP SIGNATURE-----

--FCuugMFkClbJLl1L--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message