Subject: Re: VLAN and netstart
To: Michael Graff <>
From: Manuel Bouyer <>
List: tech-net
Date: 12/03/2001 23:55:41
On Mon, Dec 03, 2001 at 12:11:29PM -0800, Michael Graff wrote:
> There are a few annoying issues that I'm not certain how to fix
> regarding ipf, vlan, and netstart.
> I used to have two interfaces, fxp0 and fxp1.  Since these were
> hardware interfaces, ipf could add rules to them before they were
> ifconfig'd up.
> That is, this is the order things happen:
>         ipf is brought up
>                 rules for fxp0 and fxp1 are installed
>         fxp0 is configured up
>         fxp1 is configured up
> Now, I have one interface and two VLANs on it.  The question is, where
> do I put the "ifconfig vlan1 create", "ifconfig vlan1 vlan 1 vlanif fxp0",
> and the actual "ifconfig vlan1 inet ..." statements?
> Even if I put them in /etc/ifconfig.vlan1, in which I don't think
> multiline configurations are supported, ipf won't properly configure
> itself because at the time it is run, vlan1 doesn't exist.

It is, at last in -current. I didn't check 1.5.x

For the ipf problem: I ran into this with pppoe too. I think I just put
an ipfilter reload in my /etc/netstart.local; but true, it's ugly.

Manuel Bouyer <>