[Bridge] using bridges to connect vlans and untagged data
Zoilo Gomez
zoilo at xs4all.nl
Sun Feb 21 17:12:41 PST 2010
Thank you Richard.
Anyway, I just found the solution while re-reading the FAQ
http://ebtables.sourceforge.net/misc/brnf-faq.html (see section 3: How
do I let vlan-tagged traffic go through a vlan bridge port and the other
traffic through a non-vlan bridge port?).
And lo and behold - after adding the ebtables rule ....
ebtables -t broute -A BROUTING -j DROP -i eth1 -p 802_1Q --vlan-id 23
.... now everything works like a charm!
I can now ping through br1 as well (br0 was never a problem) -
vlan23-traffic arriving on eth1 does not get bridged, but instead the
vlan23-tag is stripped and the packet then arrives magically on my
vlan23-interface.
Only after reading this part for the 3rd time just now, I suddenly
understood the meaning, added the brouter rule, and done.
Thank you all for your support,
Z.
richardvoigt at gmail.com wrote:
> On Sun, Feb 21, 2010 at 5:24 PM, Zoilo Gomez <zoilo at xs4all.nl> wrote:
>
>> I have the following interfaces:
>> => vlan22 and vlan2 on eth0
>> => vlan23 and untagged traffic on eth1
>>
>> The essence is that:
>> => vlan22 at eth0 and vlan23 at eth1 need to be bridged, and
>> => vlan2 at eth0 and the untagged traffic on eth1 need to be bridged.
>>
>> Software:
>> => Gentoo 10.1
>> => linux 2.6.32.7 vanilla
>> => vconfig 1.9
>> => bridge-utils 1.4
>>
>> ===== My implementation:
>>
>> vconfig add eth0 2
>> vconfig add eth0 22
>>
>> vconfig add eth1 23
>>
>> brctl addbr br0
>> brctl addif br0 vlan2
>> brctl addif br0 eth1
>>
>> brctl addbr br1
>> brctl addif br1 vlan22
>> brctl addif br1 vlan23
>>
>> ebtables -P FORWARD DROP
>>
>> ebtables -A FORWARD -j ACCEPT -p ! 802_1Q -i eth1 -o vlan2
>> ebtables -A FORWARD -j ACCEPT -p ! 802_1Q -i vlan2 -o eth1
>>
>> ebtables -A FORWARD -j ACCEPT -i vlan23 -o vlan22
>> ebtables -A FORWARD -j ACCEPT -i vlan22 -o vlan23
>>
>> Unfortunately, the vlan23 interface stops receiving data as soon as eth1
>> is connected to br0. It seems that the bridge sucks all data from eth1,
>> effectively disabling vlan23; why is this?
>>
>> How can I get access to the untagged data on eth1, while simultaneously
>> using vlan23 at eth1 ?
>>
>> Or should I use a different approach?
>>
>
> This is an issue with Linux vlan support; there is no interface for
> untagged traffic. eth1 represents all traffic through that nic
> whether tagged or not.
>
> You should ask this question again on the vlan mailing list, maybe
> there's a new configuration option I don't know about or maybe they
> can offer a workaround.
>
>
>> Z.
>>
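The behaviour described in this thread, as a small Python model added here (it is not part of the original messages and is not kernel code): it shows why vlan23 receives nothing while eth1 is a port of br0, and how the broute DROP rule changes where the tagged frame goes. Assumptions: the bridge is simplified to forward to every other port, egress re-tagging is not modelled, and the names `Frame`, `receive` and `broute_drop` are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Frame:
    in_if: str
    vlan: Optional[int] = None   # None means untagged

# Topology and FORWARD chain taken from the original post.
VLAN_DEVS = {("eth0", 2): "vlan2", ("eth0", 22): "vlan22", ("eth1", 23): "vlan23"}
BRIDGES = {"br0": {"vlan2", "eth1"}, "br1": {"vlan22", "vlan23"}}
# (in_if, out_if, matches_only_non_802_1Q); chain policy is DROP.
FORWARD = [("eth1", "vlan2", True), ("vlan2", "eth1", True),
           ("vlan23", "vlan22", False), ("vlan22", "vlan23", False)]

def bridge_of(dev):
    """Name of the bridge that has dev as a port, or None."""
    return next((b for b, ports in BRIDGES.items() if dev in ports), None)

def forward_ok(frame, out_if):
    """True if an ACCEPT rule in the FORWARD chain matches the frame."""
    for in_if, out, non_tagged_only in FORWARD:
        if (in_if, out) != (frame.in_if, out_if):
            continue
        if non_tagged_only and frame.vlan is not None:
            continue              # "-p ! 802_1Q" does not match tagged frames
        return True
    return False                  # policy DROP

def receive(frame, broute_drop=frozenset()):
    """Return the sorted egress ports a received frame is forwarded to.

    broute_drop holds (interface, vlan-id) pairs with a BROUTING DROP rule,
    i.e. frames that are handed to the normal stack instead of the bridge.
    """
    br = bridge_of(frame.in_if)
    if br and (frame.in_if, frame.vlan) not in broute_drop:
        # Bridged: the bridge takes every frame on its port, tagged or not.
        return sorted(p for p in BRIDGES[br]
                      if p != frame.in_if and forward_ok(frame, p))
    # Not bridged: the VLAN layer strips the tag and delivers to the vlan device.
    vdev = VLAN_DEVS.get((frame.in_if, frame.vlan))
    if vdev is None:
        return []                 # no vlan device for this tag: nothing to bridge
    return receive(Frame(vdev), broute_drop)

if __name__ == "__main__":
    tagged = Frame("eth1", 23)
    print("without broute rule:", receive(tagged))
    print("with broute rule:   ", receive(tagged, frozenset({("eth1", 23)})))
```

In this model the tagged frame on eth1 is claimed by br0 and then hits the FORWARD policy DROP, which matches the symptom in the question; with the broute rule it reaches vlan23 and is bridged by br1 to vlan22, while untagged traffic on eth1 is unaffected.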