lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 1 Feb 2012 16:44:40 +0000 (GMT)
From:	Leonardo Uzcudun <uzcudunl@...oo.it>
To:	yao zhao <yao.development@...il.com>,
	Eric Dumazet <eric.dumazet@...il.com>
Cc:	"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: Re: VLAN 1 - Native

I'm sorry guys but i'm not understanding. Allow me to ask in a different way.

I've a linux computer with 3 network cards (eth0, eth1 and eth2)

eth0 is connected to a switch with vlans config.
eth1 is connected to a network that has VID 1
eth2 is connected to a network that has VID 101

I've the following configuration:

ip addr add 0.0.0.0 dev eth0
ip link set eth0 up
ip link add link eth0 name eth0.1 type vlan id 1
ip link add link eth0 name eth0.101 type vlan id 101
ip addr add 0.0.0.0 dev eth0.1
ip addr add 0.0.0.0 dev eth0.101
ip link set eth0.101 up
ip link set eth0.1 up
brctl addbr br_vlan_1
brctl addbr br_vlan_101
brctl addif br_vlan_1 eth0.1 eth1
brctl addif br_vlan_101 eth0.101 eth2
ip addr add 0.0.0.0 dev br_vlan_1
ip addr add 0.0.0.0 dev br_vlan_101
ip link set br_vlan_1 up
ip link set br_vlan_101 up


with this setup, the traffic on VID 101 is working fine. The devices across the switch and eth2 communicate each other but, the devices on VID 1 don't communicate with those connected to eth1

If I remove eth0.1 and add eth0 to br_vlan_1 i have the opposite situation:
the traffic on VID 101 is NOT working. The devices across the switch and eth2 DO NOT communicate each other
but, the devices on VID 1 communicate with those connected to eth1. Of course on br_vlan_1 i'm getting the VID 1 traffic AND the VID 101....

Thanks again,

Leo





----- Messaggio originale -----
Da: yao zhao <yao.development@...il.com>
A: Eric Dumazet <eric.dumazet@...il.com>
Cc: Leonardo Uzcudun <uzcudunl@...oo.it>; "netdev@...r.kernel.org" <netdev@...r.kernel.org>
Inviato: Mercoledì 1 Febbraio 2012 17:25
Oggetto: Re: VLAN 1 - Native

On Wed, Feb 1, 2012 at 10:05 AM, Eric Dumazet <eric.dumazet@...il.com> wrote:
> Le mercredi 01 février 2012 à 09:57 -0500, yao zhao a écrit :
>> On Wed, Feb 1, 2012 at 9:50 AM, yao zhao <yao.development@...il.com> wrote:
>> >
>> >
>> > On Wed, Feb 1, 2012 at 8:04 AM, Eric Dumazet <eric.dumazet@...il.com> wrote:
>> >>
>> >> Le mercredi 01 février 2012 à 11:24 +0000, Leonardo Uzcudun a écrit :
>> >> > ________________________________
>> >> > Da: Leonardo Uzcudun <uzcudunl@...oo.it>
>> >> > A: "netdev@...r.kernel.org" <netdev@...r.kernel.org>
>> >> > Inviato: Mercoledì 1 Febbraio 2012 12:22
>> >> > Oggetto: VLAN 1 - Native
>> >> >
>> >> > Hello:
>> >> >
>> >> > I'm connecting my Linux computer (debian 2.6.32-5) to a switch to
>> >> > implement vlans.
>> >> >
>> >> > All is working fine except for the VLAN 1. Of sure you are aware of
>> >> > this situation and i would like to knoe if there is any parameter or
>> >> > setting that i should set in the vlan (linux side, not switch)
>> >> > configuration. Here's my configuration:
>> >> > ip addr add 0.0.0.0 dev eth0
>> >> > ip link set eth0 up
>> >> > ip link add link eth0 name eth0.1 type vlan id 1
>> >> > ip link add link eth0 name eth0.101 type vlan id 101
>> >> > ip addr add 0.0.0.0 dev eth0.1
>> >> > ip addr add 0.0.0.0 dev eth0.101
>> >> > ip link set eth0.101 up
>> >> > ip link set eth0.1 up
>> >> > brctl addbr br_vlan_1
>> >> > brctl addbr br_vlan_101
>> >> > brctl addif br_vlan_1 eth0.1
>> >> > brctl addif br_vlan_101 eth0.101
>> >> > ip addr add 0.0.0.0 dev br_vlan_1
>> >> > ip
>> >> > addr add 0.0.0.0 dev br_vlan_101
>> >> > ip link set br_vlan_1 up
>> >> > ip link set br_vlan_101 up
>> >> >
>> >> > Traffic on vlan 101 is working fine. Traffic on VLAN 1 is not working
>> >> > cause the packets are going out from eth0 like tagged. How could i set
>> >> > the VID 1 as untagged?
>> >>
>> >> What do you mean by "sending packets for VID 1, untagged " ?
>> >>
>>  on switch like Cisco: vlan 1 is the native vlan or default vlan so it is
>>  untagged. untagged means packet has no vlan header.
>>
>> >>
>> >> What is the difference between vlan 101 and vlan 1 ?
>>
>>  No other difference. Just because it is vlan 1  which is special in
>>  switches(of course it can be changed on switch side but he doesn't want to)
>
> VID=1 is not the "known" native vlan at all, this is a vendor (stupid ?)
> extension.
>
That is true. But in IEEE standard it also said you can specify
whether a vlan can be untagged or tagged on egress.

> There is no ID reserved to untagged traffic in the 802.1Q specs, since
> by definition, if traffic is untagged, there is _no_ VLAN tag in the
> frame.
>
> Untagged traffic on linux is on eth0 itself (ingress or egress), not on
> eth0.xxx
>
If you want linux to do as a switch too, then you can have to make up
something that what ERic said, use physical interface as the vlan 1,
as it is untagged. When vlan 1 is not native vlan you have to change
back to eth0.1. and change that new native vlan to physical interface.

yao
>
>
>

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ