On 22/12/2010 11:15, Indexer wrote: > Hi, > > I plan to make a FreeBSD based router sometime soon. I would like to be able > to do port based vlanning on the router, so that a client computer that plugs > into that socket is "dumb" to the vlans' existance. > > IE > > em0 - untagged > em1 - vlan 1 > em2 - vlan 2 > > Is what i want to achieve (as a simple example). This way i can use unmanaged > switches on em2, and all clients behind that are to the router on vlan2 > > How does one go about this on freebsd. >
In /etc/rc.conf: ifconfig_em1="up -vlanhwtag" # You may or may not want hwtag -- try both vlans_em1="vlan1" ifconfig_em2='up -vlanhwtag" vlans_em2="vlan2" create_args_vlan1="vlan 1" ipv4_addrs_vlan1="192.168.12.34/24" create_args_vlan2="vlan 2" ipv4_addrs_vlan2="192.168.56.78/24" The em0 i/f should be configured as usual. This will create virtual interfaces vlan1 and vlan2 which you can apply firewall rules to etc. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW
signature.asc
Description: OpenPGP digital signature