Suggesting for fixing VLAN bridging the right way

Doug Ambrisko ambrisko at ambrisko.com
Thu Jul 3 13:11:32 PDT 2003


I'm trying to bridge VLAN traffic to network that doesn't have that VLAN,
something like:
	(vlan network) -> fxp0 -> vlan0 <- FreeBSD bridge -> rl0 (no tag)

Both of the networks are the same except one side is tagged the other
has no tag.

It works fine in the "no tag" -> "tag" direction.  It fails in the
"tag" -> "no tag" direction since ether_demux we bail out on this
check:
	if (!(BDG_ACTIVE(ifp))) {
		/*
		 * Discard packet if upper layers shouldn't see it because it
		 * was unicast to a different Ethernet address. If the driver
		 * is working properly, then this situation can only happen 
		 * when the interface is in promiscuous mode.
		 */
		if ((ifp->if_flags & IFF_PROMISC) != 0
		    && (eh->ether_dhost[0] & 1) == 0
		    && bcmp(eh->ether_dhost,
		      IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0
		    && (ifp->if_flags & IFF_PPROMISC) == 0) {
			m_freem(m);
			return;
		}
	}

since it doesn't consider VLAN tagged packets coming in the headers
won't match this paradigm so the packets get through out.  I did a quick 
hack and changed it to:
	if (!(BDG_ACTIVE(ifp))) {
		/*
		 * Discard packet if upper layers shouldn't see it because it
		 * was unicast to a different Ethernet address. If the driver
		 * is working properly, then this situation can only happen 
		 * when the interface is in promiscuous mode.
		 */
		if ((ifp->if_flags & IFF_PROMISC) != 0
		    && (eh->ether_dhost[0] & 1) == 0
		    && bcmp(eh->ether_dhost,
		      IFP2AC(ifp)->ac_enaddr, ETHER_ADDR_LEN) != 0
		    && (ifp->if_flags & IFF_PPROMISC) == 0) {
			/*
			 * Let VLAN packets go to the SW VLAN node needed for
			 * bridging
			 */
			if (! (vlan_input_p != NULL
			    && ntohs(eh->ether_type) == ETHERTYPE_VLAN )) {
				m_freem(m);
				return;
			}
		}
	}

That makes it work.  I rather doubt this is the right solution.

Suggestions greatly appreciated.  This issue is in -current and -stable.

Thanks,

Doug A.


More information about the freebsd-net mailing list