tech-net: status vlans on bge(4)?

Subject: status vlans on bge(4)?
To: None <tech-net@netbsd.org>
From: Christoph Kaegi <kgc@zhwin.ch>
List: tech-net
Date: 05/11/2004 14:31:43
I was just about to send off my mail, when I found kern/20363.

Is anybody working on this? Will it be fixed for NetBSD 2.0?

Thanks 
Chris


now answered question with problem description follows:

-------------------------------------- 8< --------------------------------------


I have the following nic in my Dell Latitude D600 Notebook
with NetBSD 1.6.2_STABLE:

-------------------------------------- 8< --------------------------------------
bge0 at pci2 dev 0 function 0: Broadcom BCM5702X Gigabit Ethernet
bge0: interrupting at irq 11
bge0: ASIC BCM5703 A2, Ethernet address 00:0d:56:df:c3:85
brgphy0 at bge0 phy 1: BCM5703 1000BASE-T media interface, rev. 2
brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
-------------------------------------- 8< --------------------------------------

I wanted to check, if it is possible to use NetBSD as
a Firewall between several vlans running over just
one trunkport.

The bge(4) manpage says, vlans are not supported
on bge(4) interfaces.
The code from if_bge.c looks to me (as a non expert)
like vlans could be supported.

From what I tried, I'd say: it basically works. I have
connected  a cisco 802.1q trunk port to my notebook
and sucessfully created several vlan interfaces to my
physical bge interface.

I can ssh and telnet around and with tcpdump I can see
traffic on the connected vlans.

So far so good.

But when I startup links -g and try to load www.netbsd.org for example,
I get a timeout.

On the Firewall before the proxy it looks like:
-------------------------------------- 8< --------------------------------------
  1   0.000000 1.2.3.4 -> proxy TCP 65498 > 8080 [SYN] Seq=2288912255 Ack=0 Win=16384 Len=0
  2   0.000507 proxy -> 1.2.3.4 TCP 8080 > 65498 [SYN, ACK] Seq=1040683047 Ack=2288912256 Win=24616 Len=0
  3   0.001827 1.2.3.4 -> proxy TCP 65498 > 8080 [ACK] Seq=2288912256 Ack=1040683048 Win=17520 Len=0
  4   0.002480 1.2.3.4 -> proxy HTTP GET http://www.netbsd.org/ HTTP/1.1
  5   0.003974 proxy -> 1.2.3.4 TCP 8080 > 65498 [ACK] Seq=1040683048 Ack=2288912812 Win=24616 Len=0
  6   0.007703 proxy -> 1.2.3.4 HTTP HTTP/1.0 200 OK
  7   0.007833 proxy -> 1.2.3.4 HTTP Continuation
  8   0.007925 proxy -> 1.2.3.4 HTTP Continuation
  9   0.009248 1.2.3.4 -> proxy TCP 65498 > 8080 [ACK] Seq=2288912812 Ack=1040683048 Win=17520 Len=0
 10   3.374421 proxy -> 1.2.3.4 HTTP HTTP/1.0 200 OK
 11   7.324341 proxy -> 1.2.3.4 HTTP HTTP/1.0 200 OK
 12  10.124283 proxy -> 1.2.3.4 HTTP HTTP/1.0 200 OK
-------------------------------------- 8< --------------------------------------

Packet 9 acks packet 6, but not packet 8.
So it seems like the client didn't receive packet 7 and 8.

I'm not sure, where I should start searching.

Can anybody help me?

Thanks
Chris

-- 
----------------------------------------------------------------------
Christoph Kaegi                                           kgc@zhwin.ch
----------------------------------------------------------------------