Ben Greear <greearb@candelatech.com> writes:

quoted text
> Bridging eth0 to eth1 should not pay attention to VLAN tags
> at all (if the pkt comes in on VLAN 7, it should go out on VLAN 7),
> in my opinion.  If the NIC is stripping the VLAN header, then this
> cannot work unless something re-builds the VLAN header.  If the stripped
> VLAN header is placed into the skb, then any code that does need to
> rebuild it can do so.  It may be less efficient, but users can just
> not use that NIC hardware for high-end solutions, and at any rate,
> less efficient is better than broken.

That is all true. The problem arises when you receive a tagged frame
on eth0, the chip removes the tag, and then the bridge sends it
out untagged on eth1.

I think there are two valid models for VLAN + bridging:

a) bridging works on "physical" interfaces, all tags are transmitted
   unchanged.

b) every VLAN is a different logical interface, packets from unknown
   VLANs are dropped on RX (and thus don't show up anywhere, except
   counters), bridging uses logical interfaces. VLAN 100 on eth0 may
   become VLAN 200 on eth1 and may be untagged on eth2.


"a" requires "soft" VLANs and/or adding the tags back (with
accelerated VLANs). This is how unmanaged switches labeled
"802.1Q - transparent" work. Not very flexible but usually good
enough.

"b" is how switches supporting VLANs (and 802.1Q) usually work.


I know ability to see exactly all packets as they are received
(including tags) is a really nice thing. But maybe we should change
the model? Making the ethX only carry untagged frames (even without
hw VLAN acceleration)?
-- 
Krzysztof Halasa
-
unsubscribe notice
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/