lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 18 Mar 2011 00:22:05 +0100
From:	Seblu <seblu@...lu.net>
To:	Jesse Gross <jesse@...ira.com>
Cc:	netdev <netdev@...r.kernel.org>
Subject: Re: bnx2 vlan issue

On Thu, Mar 17, 2011 at 8:16 PM, Jesse Gross <jesse@...ira.com> wrote:
> On Thu, Mar 17, 2011 at 11:02 AM, Seblu <seblu@...lu.net> wrote:
>> On Thu, Mar 17, 2011 at 3:51 PM, Seblu <seblu@...lu.net> wrote:
>
> It was a bug that it worked at all and whether it worked depended on
> the hardware/firmware/driver.  If an interface is attached to a
> bridge, the bridge takes all the packets received on that interface,
> including vlan packets.
ok i see.

>
> There are a few ways to setup vlans and bridging that work on all
> kernels and with all NICs:
>
> * vlans on interface, bridges contain vlan devices.  This gives you a
> bridge for each vlan.
Except for untagged isn't it? This is why i fail. I need to have a
bridge with the untagged vlan from an interface.
Before 2.6.37 (with most of drivers/firmware/hardware i use) when a
vlan is defined on an interface, for example eth0, eth0.15 show vlan15
frames and eth0 show untagged frames.

I've tryed eth0.0, expecting to have untagged vlan, but this doesnt work.
How can I create a bridge with the untagged vlan from an interface?

> * bridge on interface, vlans on bridge device.  This gives you a
> bridge with all packets and vlan devices can give you specific vlans.
I cannot use this schema, i used bridge to bring together vnet
interface and vlan interface.

> * Use ebtables rules in the bridge to accept/reject certain packets as desired.
I don't see how use ebtables to push untagged frame to a dedicated
iface which can be added in a bridge.

-- 
Sébastien Luttringer
www.seblu.net
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ