FreeBSD Networking Questions / vlan, lagg, routing, FIBs, ezjail

[Nikos Vassiliadis]

Peter Cornelius wrote:
> - On my router, why do I have to set the base interface to
> promiscuous mode in order to get packets from/to my vlans through? Am
> I doing something wrong? Are there any implications of working this
> way? 

Hm, the promiscuous mode must be needed for the vlan driver.
But you don't have to set it.

I can't think of any implication in a switched ethernet environment.

It is just that every frame received from the cable is offered
to the operating system for further evaluation. In a switched
ethernet environment every frame that will reach your card will
be either:
1) for you.
2) a broadcast frame.
3) a multicast frame.

Things would be very different, if your system was connected to a
hub where a multitude of frames(every frame on the ethernet) would
be interrupting the kernel for no reason.

- On my "server", is there any way to set up individual
> "default" routes (to the router) for each of the vlans short of
> tucking the ezjails behind the vlan interfaces each into their own
> FIB (btw,. has anyone ever done that?)?

Yes, from FreeBSD-7.1 and beyond, there is support
for up to 16 routing tables. Use the setfib command
to select routing table for outgoing connections.
Something like, "setfib 10 jail $JAILOPTSANDARGS",
in the jail case. You have to compile a kernel
with the option ROUTETABLES=n. Read the message for
revision 1.1485 from here:
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/conf/NOTES

Nikos