(solved) Re: bridge new vlan and iftagged "none"

From: Ronald Klop <ronald-lists_at_klop.ws>
Date: Thu, 04 Sep 2025 11:00:41 UTC
Ah, after looking into the config of my switch and seeing the nice "untagged 1" on all interfaces it dawned on me what the config should be.
I now have this bridge:
bridge0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
    options=10<VLAN_HWTAGGING>
    ether 58:9c:fc:10:ea:3e
    id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
    maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
    root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
    bridge flags=1<VLANFILTER>
    member: epair3a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 21 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
    member: epair4a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 18 priority 128 path cost 2000 vlan protocol 802.1q untagged 1
    member: epair6a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 15 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
    member: epair10a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 12 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
    member: epair2a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 9 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
    member: epair5a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 6 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
    member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 4 priority 128 path cost 2000 vlan protocol 802.1q untagged 1
    member: genet0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 1 priority 128 path cost 55 vlan protocol 802.1q untagged 1 tagged 3
    groups: bridge
    nd6 options=9<PERFORMNUD,IFDISABLED>
And everything works as expected.

I realize that I can now configure this to send "tagged 1" traffic between genet0 and the switch and even further into my network. Would that have /any/ influence on performance?

Regards,
Ronald.

 
From: Ronald Klop <ronald-lists@klop.ws>
Date: Thursday, 4 September 2025 11:21
To: net@freebsd.org
Subject: bridge new vlan and iftagged "none"
> 
> Hi,
> 
> I'm trying out the new bridge vlan functionality.
> I can't find a lot of examples of the new config options yet and I'm a bit confused.
> 
> I have this setup working:
> 
> genet0 <--> bridge0 <--> multiple epairs for jails
> 
> Some epairs will be in vlan 3 and some epairs are not in a vlan.
> I have this working.
> bridge0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
>         options=10<VLAN_HWTAGGING>
>         ether 58:9c:fc:10:ea:3e
>         id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
>         maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
>         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
>         bridge flags=1<VLANFILTER>
>         member: epair3a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 port 21 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
>         member: epair6a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 port 18 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
>         member: epair4a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 port 15 priority 128 path cost 2000 vlan protocol 802.1q
>         member: epair2a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 port 12 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
>         member: epair10a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 port 9 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
>         member: epair5a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 port 6 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
>         member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 port 4 priority 128 path cost 2000 vlan protocol 802.1q
>         member: genet0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 port 1 priority 128 path cost 55 vlan protocol 802.1q
>         groups: bridge
>         nd6 options=9<PERFORMNUD,IFDISABLED>
> epair4a still receives all traffic, so also traffic for vlan 3.
> My expectation was that I should be able to filter vlan traffic from epair4a by doing this.
> ifconfig bridge0 vlanfilter
> ifconfig bridge0 iftagged epair4a none
> And somehow make it possible to have genet0 transfer all traffic even with vlanfilter enabled.
> 
> I don't understand if this is possible and how. Any insights?
> 
> Regards,
> Ronald.
>
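An added example, not part of the thread and not FreeBSD project code: a small parser for the `ifconfig bridge0` member lines shown in both messages, which inverts them into a VLAN-to-port map and lists members with no VLAN on their port line, so the intended jail segmentation can be checked after a change. The helper names are hypothetical, the sample is a constructed subset of the solved output, and the comma/range form for several tagged IDs is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of the member lines from the solved bridge0 output above.
SAMPLE = """\
bridge0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
    bridge flags=1<VLANFILTER>
    member: epair3a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 21 priority 128 path cost 2000 vlan protocol 802.1q untagged 3
    member: epair4a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 18 priority 128 path cost 2000 vlan protocol 802.1q untagged 1
    member: genet0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            port 1 priority 128 path cost 55 vlan protocol 802.1q untagged 1 tagged 3
"""

VID_LIST = r"\d+(?:-\d+)?(?:,\d+(?:-\d+)?)*"  # assumption: several IDs print as "3,5-7"

def expand(spec):
    """Turn "3,5-7" into {3, 5, 6, 7}."""
    vids = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vids.update(range(int(lo), int(hi or lo) + 1))
    return vids

def parse_members(text):
    """Return {member: {"untagged": int or None, "tagged": set of ints}}."""
    members, current = {}, None
    for line in text.splitlines():
        line = line.lstrip("> \t")  # also accept mail-quoted output
        m = re.match(r"member:\s+(\S+)", line)
        if m:
            current = members.setdefault(m.group(1), {"untagged": None, "tagged": set()})
        elif current is not None and re.match(r"port\s+\d+\s", line):
            u = re.search(r"\buntagged\s+(\d+)", line)
            t = re.search(r"\btagged\s+(" + VID_LIST + ")", line)
            current["untagged"] = int(u.group(1)) if u else None
            current["tagged"] = expand(t.group(1)) if t else set()
    return members

def vlan_map(members):
    """Invert to {vlan id: sorted member names}, the set of ports that share each VLAN."""
    out = defaultdict(set)
    for name, cfg in members.items():
        for vid in cfg["tagged"] | ({cfg["untagged"]} if cfg["untagged"] is not None else set()):
            out[vid].add(name)
    return {vid: sorted(names) for vid, names in sorted(out.items())}

def unassigned(members):
    """Members whose port line lists no VLAN at all, as epair4a did in the first output."""
    return sorted(n for n, c in members.items() if c["untagged"] is None and not c["tagged"])

if __name__ == "__main__":
    parsed = parse_members(SAMPLE)
    print(vlan_map(parsed), unassigned(parsed))
```

Feeding it the live output of `ifconfig bridge0` and comparing the map against the intended jail-to-VLAN assignment makes a port that ended up in the wrong VLAN, or in none, visible at a glance.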