Subject: Re: VLAN + bridging problems
To: Dobromir Montauk <dmontauk@rescomp.berkeley.edu>
From: William Waites <ww@styx.org>
List: tech-net
Date: 12/10/2002 02:32:21
>>> "Dobromir" == Dobromir Montauk <dmontauk@rescomp.berkeley.edu> writes:
Dobromir> It's not. But my guess is that the NetBSD VLAN driver,
Dobromir> like the Linux driver, should strip off the VLAN tag
Dobromir> before doing anything else - for example forwarding the
Dobromir> packet through a bridge...
That is precisely what's happening. In sys/net/if_ethersubr.c the
relevant function is ether_input(), around line 703. The packet is
bridged first, then the vlan header is stripped off around line 754.
Dobromir> In Linux, supposedly, there's a special option to turn
Dobromir> this "feature" on/off. I was hoping NetBSD had the same
Dobromir> thing.
If we strip the vlan header off before bridging the packet, then
bridging under the vlans won't work -- you can't make a repeater out
of two NICs that will forward packets leaving the 802.1q header
intact.
If we bridge the packet first then there are three scenarios:
- vlan and vlan as members of a bridge -- this works correctly because
vlan_input calls ether_input recursively after it has stripped the
header.
- vlan and ether -- this works correctly as long as tagged packets are
never recieved on the ether interface.
- ether and ether -- this is the repeater scenario above
It looks like the scenario you are running into is the second, only
tagged packets *are* being recieved over the regular ethernet
interface.