* Martin Pieuchot <m...@openbsd.org> [03.11.2015 17:55]: > I'm not sure it applies on 5.8 though...
Nope, but I found the following changes to be sufficient on 5.8. It just keeps the vlan tagged packets away from the bridge. Index: net/if.c =================================================================== RCS file: /cvs/src/sys/net/if.c,v retrieving revision 1.357 diff -u -p -u -r1.357 if.c --- net/if.c 13 Aug 2015 07:19:58 -0000 1.357 +++ net/if.c 4 Nov 2015 10:35:07 -0000 @@ -432,7 +432,7 @@ if_enqueue(struct ifnet *ifp, struct mbu unsigned short mflags; #if NBRIDGE > 0 - if (ifp->if_bridgeport && (m->m_flags & M_PROTO1) == 0) + if (ifp->if_bridgeport && (m->m_flags & (M_PROTO1 | M_VLANTAG)) == 0) return (bridge_output(ifp, m, NULL, NULL)); m->m_flags &= ~M_PROTO1; /* Loop prevention */ #endif @@ -522,7 +522,8 @@ if_input_process(void *xmq) } #if NBRIDGE > 0 - if (ifp->if_bridgeport && (m->m_flags & M_PROTO1) == 0) { + if (ifp->if_bridgeport && + (m->m_flags & (M_PROTO1 | M_VLANTAG)) == 0) { m = bridge_input(ifp, m); if (m == NULL) continue;