Hi all,
I'm having trouble bridging VLANs.
By doing the following:
vconfig add eth1 10
vconfig add eth2 10
brctl addbr br10
brctl addif br10 eth1.10
brctl addif br10 eth2.10
ifconfig eth1.10 up
ifconfig eth2.10 up
ifconfig br10 up
I create a bridge which bridges packets tagged with VLAN ID 10.
Doing
ebtables -A FORWARD --log -j ACCEPT
results in lots of log entries in /var/log/messages, as one would expect.
However,
ebtables -F
ebtables -A FORWARD -p 8021q --log -j ACCEPT
results in absolutely nothing in /var/log/messages, which would indicate that at
some point, the VLAN headers are disappearing from my bridged packets.
Having had somebody else have a look at this to confirm that I had it right, I
got this response from them:
> eth1 -> eth1.10 -> br0 -> eth2.10 -> eth2
>
> This works fine using *untagged* vlan packets.
>
> Using that layout with *tagged* vlan packets, however, reveals what
> seems to be a bug in the Linux bridge code in combination with the vlan
> code.
>
> I was able, in that configuration, to see tagged packets come in on eth1
> and eth1.10, and to see them matched by the ebtables rules on eth1.10.
>
> The *outbound* packets, on eth2, were sent as untagged Ethernet frames;
> something in the bridge or vlan process had stripped the vlan header
> entirely.
>
> I was able to reproduce this issue with a stock Linux 2.6.17 kernel,
> without any of my code involved, so I believe it to be a bug in the
> underlying kernel networking code.
>
So, is this a bug? Or have I got something horribly wrong?
Regards,
Leigh
Leigh Sharpe
Network Systems Engineer
Pacific Wireless
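
An added example, not part of the original message: a small Python parser that reports whether a captured Ethernet frame still carries an 802.1Q header (TPID 0x8100) and which VLAN ID it holds, which is the property in question on eth1 and eth2 above. The frames are constructed sample bytes and the function names are hypothetical.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q VLAN tag


def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def parse_frame(frame: bytes) -> dict:
    """Return MACs, the VLAN tag (or None) and the payload EtherType."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan = None
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        # TCI = 3 bits priority, 1 bit DEI, 12 bits VLAN ID;
        # the real EtherType follows the 4-byte tag.
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
    return {"dst": mac(frame[0:6]), "src": mac(frame[6:12]),
            "vlan": vlan, "ethertype": ethertype}


def compare(ingress: bytes, egress: bytes) -> str:
    """Describe what happened to the VLAN tag between two captures."""
    a, b = parse_frame(ingress)["vlan"], parse_frame(egress)["vlan"]
    if a and not b:
        return "tag stripped"
    if a and b:
        return "tag kept" if a["vid"] == b["vid"] else "vid rewritten"
    return "tag added" if b else "untagged both sides"


# Constructed sample frames: a broadcast ARP frame, with and without VLAN 10.
_MACS = bytes.fromhex("ffffffffffff" "020000000001")
_BODY = struct.pack("!H", 0x0806) + bytes(46)
TAGGED = _MACS + struct.pack("!HH", TPID_8021Q, 10) + _BODY
UNTAGGED = _MACS + _BODY

if __name__ == "__main__":
    print(parse_frame(TAGGED))
    print(parse_frame(UNTAGGED))
    print(compare(TAGGED, UNTAGGED))
```
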