Re: Inter-vlan routing problem

[Mike Tancsa]

At 11:52 AM 8/20/2010, Xavier HUMBERT wrote:
vlan3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    description: Chateau
    options=3<RXCSUM,TXCSUM>
    ether 00:e0:81:2d:62:3e
    inet 10.75.2.251 netmask 0xffffff00 broadcast 10.75.2.255
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
    vlan: 30 parent interface: bge0
vlan4: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    description: VoIP
    options=3<RXCSUM,TXCSUM>
    ether 00:e0:81:2d:62:3e
    inet 10.75.3.251 netmask 0xffffff00 broadcast 10.75.3.255
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
    vlan: 100 parent interface: bge0

Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.75.2.1          UGS         0    13742  vlan3
192.168.1.0/24     link#9             U           5   234765  vlan0
172.16.214.0/24    link#10            U           4   395054  vlan1
192.168.0.0/24     link#11            U           1     4659  vlan2
10.75.2.0/24       link#12            U           0     3361  vlan3
10.75.3.0/24       link#13            U           0     2716  vlan4
------------------------------------------------------------------------

The problem is that, from the gateway itself, I can "see" all devices on all
vlans (nmap proves this). But from my station (which is on the vlan 
#10), I can
access on my own vlan, and the default vlan #1. A ping or traceroute 
to another
machine - I tried the defaul_router, which as you can see is on vlan #30 -
fails miserably. Tcpdump is not very helpful :

------------------------------------------------------------------------
[xav...@imac-xav ~]$ traceroute 10.75.2.1
traceroute to 10.75.2.1 (10.75.2.1), 64 hops max, 52 byte packets
 1  gateway (172.16.214.251)  0.697 ms  0.227 ms  0.245 ms
 2  * * *

I dont understand, why is 10.75.2.1 going out your default interface 
? It should look for packets on the same subnet that the vlan3 interface is on

Can you do an
arp -na
and
netstat -Wnra

On the nortel switch, are you sure you have it on the equiv of a 
"trunk" port? Is there a way to see what MAC addresses the switch 
sees as part of what VLAN ?



Is the bad cksum relevant ?

Not necessarily. It might be due to the chksum offloading of the NIC driver.

        ---Mike





--------------------------------------------------------------------
Mike Tancsa,                                      tel +1 519 651 3400
Sentex Communications,                            m...@sentex.net
Providing Internet since 1994                    www.sentex.net
Cambridge, Ontario Canada                         www.sentex.net/mike

_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"