I have a question dealing with vlans and bridges on an OpenBSD-stable box. First, what I am trying to do is below in ascii art as much as I hate ascii art.

    ---------------------
    |    Cisco 6509     |
    ---------------------
              |
    fa3/0 dot 1q trunk to OBSD bridge fxp0
              |
              |
    ------------------------
              |
    ------------------------
              |
              |
    fa0/1 dot 1q trunk back to OBSD bridge fxp1
    ------------------------
    |     Cisco 2900XL     |
    ------------------------
       |         |         |         |
    vlan 145   vlan20   vlan 21   vlan 202

Configuration for the bridge itself is:

I have rebuilt my kernel with the option to add more vlans.

/etc/mygate -> empty
/etc/hosts -> only the loopback, no hostname
/etc/sysctl -> forwarding set to one
/etc/rc.conf -> pf set to yes

/etc/hostname.fxp0
    up

/etc/hostname.fxp1
    up

/etc/hostname.vlan0
    inet 128.252.20.0 255.255.255.0 NONE vlan 20 vlandev fxp1

/etc/hostname.vlan1
    inet 128.252.21.0 255.255.255.0 NONE vlan 21 vlandev fxp1

/etc/hostname.vlan2
    inet 128.252.145.0 255.255.255.0 NONE vlan 145 vlandev fxp1

/etc/hostname.vlan3
    inet 128.252.202.0 255.255.255.0 NONE vlan 202 vlandev fxp1

/etc/bridgename.bridge0
    add fxp0 add fxp1 add vlan0 add vlan1 add vlan1 add vlan3 up

As of right now, I am unable to get this bridge to pass any
traffic whatsoever. The pf.conf simply allows all out and all in until I can get the testbed to work. What I do know is that the machines hanging off the 2900xl can talk to the 6509 without the firewall in place. Which means that I know the trunking is set up correctly on the 2900xl and the 6509. The machines all have IP addresses in the correct vlan, the vlans are set on the 2900xl, and the gateways on the machines are set to the 6509.

Things I have tried:

It seems to me that the vlans act as their own interfaces even though they are tied to fxp0 or fxp1. Since it doesn’t really make sense to put an interface on a bridge, I tried to bring them up as vlan 20 vlandev fxp1; this brought up the vlans but still did not pass any traffic.

I have also tried bringing them up as a real IP instead of a full /24 class C notation, i.e. 128.252.21.230 255.255.255.0, which works if you have a routing OBSD machine.

I have also tried only adding the vlans into the bridgename.bridge0 without success.

I have been working on different variations of this for a week and haven’t gotten OBSD to work as a transparent bridge. I did, however, get it to work as a router. However, it seems as though people here would rather have it set up as a bridge. I have seen a lot of things on deja that say rtfm, i.e. brconfig, vlan(4), etc. Although I have rtfm’ed everything I can get my hands on, I still have not come up with a solution. Maybe I have missed something quick and easy, maybe not. If I need to go rtfm some more, let me know where to go to get information on this particular setup without NAT’ting.

Any help on this will save a lot of me banging my head into the wall.

Much appreciated,

Andrew Eaton
Network Engineer

- Re: Mult-vlan bridge without nat Eaton, Andy
- Re: Mult-vlan bridge without nat Oskar Eyb
- FW: Mult-vlan bridge without nat Eaton, Andy