FreeBSD Networking Questions / vlan, lagg, routing, FIBs, ezjail
Peter Cornelius
pcc at gmx.net
Sat Mar 28 11:29:07 PDT 2009
> Now, it is my suspicion that the apparent need for promisc at the router
> end indeed is an apperent one and not really the router's fault but rather
> the other end's. The other end, in this case, is the server below.
>
> If the server, with its single MIB, default-routes its packets through one
> specific of its vlans which may not be the one, at the router's end, with
> the corresponding IP network the traffic entered into the net, would it be
> possible that there's something preventing them be received? Unless there's
> promisc on, of course...
>
> I'll grab the laptop next time I think of it and have the switch monitor
> traffic to it to see what really is on the wire, maybe that helps and gives
> me a clue. I just keep forgetting the bl**dy thing each time I leave...
Ok, after a good portion of fiddling with the switch, it seems that you cannot copy traffic from link-aggregated ports to a monitor port on a Linksys SRW2016. Now out at my wits end here it seems.
I'll try the FIB approach hopefully next week then.
> > - On my "server", is there any way to set up individual
> > > "default" routes (to the router) for each of the vlans short of
> > > tucking the ezjails behind the vlan interfaces each into their own
> > > FIB (btw,. has anyone ever done that?)?
> >
> > Yes, from FreeBSD-7.1 and beyond, there is support
> > for up to 16 routing tables. Use the setfib command
> > to select routing table for outgoing connections.
>
> So, I interpret your response as that I am correct, I have a single
> default route per FIB, and that's it. Which effectively means that I do need
> FIBs. I agree that this behaviour might make some sense :)
>
> > Something like, "setfib 10 jail $JAILOPTSANDARGS",
> > in the jail case. You have to compile a kernel
> > with the option ROUTETABLES=n. Read the message for
> > revision 1.1485 from here:
> > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/conf/NOTES
>
(...)
> Generally speaking, or rather, inquiring, has anyone ever done FIBs with
> ezjail? It probably is very easy, and I consider(ed) looking into it myself
> but I currently spend about max. an hour every 2-3 days on FreeBSE so I
> don't really progress. Well, might eventually, but that'll be dunno when. But
> well, such is life, and this is pleasure not work :) and I hope to learn
> something useful on the way.
(...)
> [1]
> http://lists.freebsd.org/pipermail/freebsd-arch/2007-December/007331.html
Regards,
Peter.
--
Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger01
More information about the freebsd-questions
mailing list