> > Your patch doesn't work if hardware does vlan acceleration. Vlan acceleration > > strips the tag off so skb->data points to actual contents and tag is passed > > up to vlan_receive_skb out of band. By the time the bridge sees the packet the > > actual tag is gone. > > Yes, I know. However, AFAIK out of band passing of the vlan tag is only > done when a vlan device is created and attached to the ethernet device > of the port. That's a weird case from my point of view: > > brctl addif br0 eth0 > vconfig add eth0 5 > > If you want to get vlan packets from a bridge, you'd better attach the > device to the bridge instead of one of the ports: > > brctl addif br0 eth0 > vconfig add br0 5 That's for bridging a trunk, but what about bridging between vlans: vconfig add eth0 5 vconfig add eth0 6 brctl add br0 eth0.5 brctl add br0 eth0.6 While you could combine the vlans, doing this allows you to force all traffic through packet filtering/traffic shaping/IDS. Usually you wouldn't then see the same MAC on two different VLAN but you might on spanning tree packets. _______________________________________________ Bridge mailing list Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/bridge
