Ah, ok... and then you assign the IP address to that vport... thanks... will try that out later.
On Tue, Dec 19, 2023 at 2:42 PM Zé Loff <zel...@zeloff.org> wrote: > > On Tue, Dec 19, 2023 at 02:25:01PM +0100, Lars Bonnesen wrote: > > That is exactly what I want. > > > > Ah, veb... although I cannot make it work. I see a lot of arp'ing not > > getting any replies. So devices that working before tries to arp for the > > gateway and not getting any replies.even though they are on the same > layer2 > > net: > > > > 12:28:54.101968 arp who-has 172.18.14.1 tell 172.18.14.201 > > 12:28:54.573677 arp who-has 172.18.14.1 tell 172.18.14.101 > > 12:28:55.101913 arp who-has 172.18.14.1 tell 172.18.14.201 > > 12:28:55.597716 arp who-has 172.18.14.1 tell 172.18.14.101 > > 12:28:56.101910 arp who-has 172.18.14.1 tell 172.18.14.201 > > Apologies, there was a missing detail on my suggestion: it is meant to > completely bypass the router, which plays no part in that vlan's > traffic (more details below, if needed). > > If you want the router/gateway to be connected to that VLAN, you need to > create a vport interface and add it to the veb, as noted on veb's man > page. > > > Unecessary details: > I get thee VLANs from my ISP on the same wire: internet, VoIP and IPIV. > I need to manage the internet connection, but not the rest, so I used > the veb to simply forward all traffic (DHCP, etc) on the VoIP VLAN > directly to the VoIP phone. This means that the firewall/gateway plays > no part in it, other than blindly forwarding at L2. I could to this > simply putting the managed switch before the firewall, but the idea of > having a managed switch directly connected to the internet, makes me > itchy. > >
