Disabling VLAN_HWTAGGING

Ruslan Ermilov ru at freebsd.org
Tue Mar 30 00:09:35 PST 2004 

On Mon, Mar 29, 2004 at 01:14:46PM -0800, Julian Elischer wrote:
> 
> 
> On Mon, 29 Mar 2004, David Gilbert wrote:
> 
> > >>>>> "Julian" == Julian Elischer <julian at elischer.org> writes:
> > 
> > >> itself.  No matter how it's set, in both Linux and FreeBSD, many
> > >> nge chipsets will not show vlan packets from the driver with a
> > >> tcpdump.
> > 
> > Julian> netgraph interception?
> > 
> > I don't understand the question.  If you have a vlan on nge0, and you
> > tcpdump the vlan interface, you get what you expect.  If you tcpdump
> > the nge0 interface, you get all the packets from all the vlans without
> > vlan tags to differentiate.  The FreeBSD and Linux drivers share this
> > behaviour.
> 
> I was just pointing out that if tcpdump seems to not catch some things
> you can also try netgraph interception..
> But apparently from what you say it's not needed.
> 
This is more convoluted than it seems.

In 4.x, if the interface supports VLAN stripping in firmware,
the driver calls if_vlan.c:vlan_input_tag() which "fakes up" a
normal VLAN header and passes it to BPF for inspection.  OTOH,
vlan_input_tag() also searches through the list of all vlan(4)
interfaces attempting to find an interface with the matching
VLAN tag, so ng_vlan(4) doesn't have a chance of working in
RELENG_4 for NIC drivers that support stripping VLAN tags in
firmware.

In 5.x, drivers always call ether_input() which has proper
hooks into Netgraph (so ng_vlan(4) always works), but it
doesn't "fake up" the VLAN header as vlan_input_tag() does
in RELENG_4, so you cannot see the original VLAN packet --
you see the VLAN-stripped packet on the parent interface
(I will look into fixing it later)!

In any case, you cannot see the "normal" VLAN packet with
tcpdump(1) on originating host that does the VLAN insertion
in firmware.  (You need to set the IFF_LINK0 flag on the
vlan(4) interface in RELENG_4 to tell it that the parent
device supports VLAN insertion in firmware.)


Cheers,
-- 
Ruslan Ermilov
ru at FreeBSD.org
FreeBSD committer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20040330/8167c342/attachment.bin

More information about the freebsd-net mailing list