[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bridging between vlans

To: "sebastian schmitzdorff" <sebastian.schmitzdorff@ina-germany.de>
Subject: Re: Bridging between vlans
From: "Marco Matarazzo" <marmata@libero.it>
Date: Wed, 1 Sep 2004 16:57:03 +0200
Cc: <misc@openbsd.org>
References: <1093949263.3450.144.camel@mxpx> <1093965644.1887.53.camel@wolfpack.ljm.dom> <1133.62.109.102.40.1093976032.squirrel@intranet.ina-germany.de> <1093977056.1887.67.camel@wolfpack.ljm.dom> <1094024834.3441.181.camel@mxpx> <00a901c4902d$3fc91f90$150ba8c0@it.interhouse.redbus.com> <1094049050.3448.225.camel@mxpx>

> I already read this thread in the pf mailinglist but I didnt think it
> would apply to me since they were talking about OpenBSD 3.3 and I'm
> using 3.5. Obviously I was wrong :)

Well, it applies for the strictly pf part. 3.5 has dynamic virtual
interfaces, so you don't have to recompile the kernel for the added vlans
and bridges.

> I will torture my brain a bit more
> and try to understand. If I get it right I will have to use 2 bridges
> and 4 vlan interaces to bridge between 2 vlans?

Exactly. Basically you'll have to create two vlan interfaces, attached to
two different vlandevs but with the sames vlan tag (the same tag you're
using on the switch). Then bridge these two vlans. And rememberg that ports
on the switch must be in trunk mode!

Cheers,
]\/[arco
>
> Thanks for your response
>
> greets
> Sebastian
> > Hi Sebastian,
> >
> > this has been discussed ages ago on the pf mailing list:
> >
> > http://www.benzedrine.cx/pf/msg02069.html
> >
> > I don't know if the situation has evolved since then, and how it scales
with
> > an high number of vlan interfaces, since you have to configure two vlan
> > interfaces and a bridge for each vlan you want to filter on... but at
least
> > it works! ;)
> >
> > Cheers,
> > ]\/[arco
> >
> > ----- Original Message ----- 
> > From: "sebastian schmitzdorff" <sebastian.schmitzdorff@ina-germany.de>
> > To: "openbsd mailinglist - misc" <misc@openbsd.org>
> > Sent: Wednesday, September 01, 2004 9:47 AM
> > Subject: Re: Bridging between vlans
> >
> >
> > > > sorry--i had taken off my firewall hat there for a few minutes--but
it's
> > > > back now.  i think you're barking up the wrong bush with creating
vlan
> > > > interfaces on the openbsd bridge...you should just be able to add
the
> > > > two ethernet interfaces to a bridge and be on your merry way...as
long
> > > > as the layer 3 subnet is the same on vlan0 & vlan1...
> > > >
> > > > -j
> > > >
> > > >
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
> > > > Let the worthy citizens of Chicago get their liquor the best way
they
> > > > can. I'm sick of the job. It's a thankless one and full of grief. -- 
Al
> > > > Capone
> > > >
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
> > >
> > > well that was actually my first thought and also my first approach to
> > > bridge the two vlans. I've tried various combinations of
configuration,
> > > interfaces configured as vlans and bridging between vlan0 and vlan1,
> > > interfaces unconfigured(just up) and bridging between fxp0 and xl0.
> > > Enabled and disabled the Spanning Tree of the switch, Configured the
> > > bridge ports as vlan trunks and disabled it again and so on.
> > > That is why I came to the question if it is possible at all with the
> > > switch I am using.
> > >
> > > 3com SuperStack II Desktop Switch
> > >
> > > My next try will be to replace the 3com 3c905 network card.
> > >
> > > Still, any comments are very welcome. Maybe I'm to blind to see a
> > > trivial solution to the problem.
> > >
> > > best regards,
> > >
> > > Sebastian

References:
- Re: Bridging between vlans
  - From: sebastian schmitzdorff <sebastian.schmitzdorff@ina-germany.de>
- Re: Bridging between vlans
  - From: "Marco Matarazzo" <marmata@libero.it>

Prev by Date: TAL-IPC protocol with pf
Next by Date: Re: isakmpd question
Prev by thread: Re: Bridging between vlans
Next by thread: Re: Bridging between vlans
Index(es):
- Date
- Thread