[Bridge] Bridge between switch and router + VLAN issue

Stephen Hemminger shemminger at linux-foundation.org
Wed Oct 6 15:17:48 PDT 2010


On Tue, 5 Oct 2010 13:46:31 +0530
krunal patel <krunal.raj at gmail.com> wrote:

> Hi,
> 
> There is one setup i am not able to complete.
> 
> I am putting bridge between a VLAN aware switch and a router with VLAN's.
> 
> All hosts are behind VLAN switch and their gateway is router.
> All works well when there are no VLANs.
> 
> br0
> |--------eth0
> |--------eth1
> 
> When VLAN tags are added and passed to bridge, for forwarded traffic
> it works well.
> 
> Now, if i want to do transparent proxy i have to create vlan devices
> for eth0, eth1 and add them to bridge
> 
> br0
> |--------eth0
> |--------eth1
> |--------eth0.2
> |--------eth1.2
> 
> Problem here is, on one side of bridge router is there which gives
> same mac for different tagged and untagged traffic. So bridge only
> learns one mac. So some tagged frame entered into bridge and if we do
> transparent proxy on it. Frames generated by proxy to router goes
> untagged or with different tag.
> To do proxy and handle vlan tag i have to add vlan interfaces into
> same bridge but vlan tags are not same.

This isn't going to work because it creates a loop.  eth0 sees
both tagged and untagged frames and eth0.2 sees tagged frames

In recent kernels vlan 0 is supposed to work as way to manage
untagged frames. Maybe using:

 br0
 |--------eth0.0
 |--------eth1.0
 |--------eth0.2
 |--------eth1.2

-- 


More information about the Bridge mailing list