On Sat, Jun 09, 2007 at 12:27:30AM -0400, Douglas Wade Needham wrote:
> At least one of the VLANs (vlan 4 in my example) will have to exist on
> multiple physical subnets/segments, given where I need to put the
> nodes for that one VLAN.  And given some of the traffic I push around
> here, putting everything for my firewall on a single interface is not
> really a good idea.  But it may be that my switch could have one port
> configured in a way that packets coming in on that port on that one
> vlan will get where they should go without passing through
> alpha.... but the docs are a bit crappy in that area.

It sounds to me like you need to create two VLAN pseudo-interfaces,
one for fxp1, and a second for fxp2, and then connect the two
pseudo-interfaces with a bridge.  That is,

ifconfig vlan4 create
ifconfig vlan5 create
ifconfig bridge0 create

ifconfig vlan4 vlan 4 vlanif fxp1
ifconfig vlan5 vlan 4 vlanif fxp2

ifconfig vlan4 inet 192.168.4.1 netmask 0xffffff00

brconfig bridge0 add vlan4 add vlan5
ifconfig bridge0 up

Dave

-- 
David Young             OJC Technologies
dyoung@ojctech.com      Urbana, IL * (217) 278-3933 ext 24