Re: Transparent http filtering VLAN traffic without being a member of tagged VLANs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

# ifconfig br0
br0       Link encap:Ethernet  HWaddr 00:0E:0C:C4:AA:E7
          inet addr:SOMEIP  Bcast:SOMEBCAST  Mask:255.255.255.252
          inet6 addr: fe80::20e:cff:fec4:aae7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:88539199 errors:0 dropped:0 overruns:0 frame:0
          TX packets:422429 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:457848874 (436.6 MiB)  TX bytes:53152547 (50.6 MiB)


br0.206   Link encap:Ethernet  HWaddr 00:0E:0C:C4:AA:E7
          inet6 addr: fe80::20e:cff:fec4:aae7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:901504 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:545628196 (520.3 MiB)  TX bytes:492 (492.0 b)


# ip link set up dev br0.206

# ip link show | grep br0.206
27: br0.206@br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue

# route add -net 91.93.179.88 netmask 255.255.255.248 dev br0.206
SIOCADDRT: No such device

# ip ro add 91.93.179.88/29 dev br0.206
RTNETLINK answers: No such device

# ip ro sh dev br0.206
NO OUTPUT


Kernel is Linux 2.6.18 Centos EL5 Kernel.



On Thu, Feb 18, 2010 at 12:36 PM, Marek Kierdelewicz <marek@xxxxxxxxx> wrote:
> Hello,
>
>>This may be our problem. However ip route add returns
>>"SIOCADDRT: No such device"
>>while I see br0.26 in ifconfig output.
>
> Strange. It should work. Tested on debian lenny:
>
> rt1:/# brctl addbr br0
> rt1:/# ip link set up dev br0
> rt1:/# vconfig add br0 26
> Added VLAN with VID == 26 to IF -:br0:-
> rt1:/# ip link set up dev br0.26
> rt1:/# ip ro add 10.100.0.0/30 dev br0.26
> rt1:/# ip ro sh dev br0.26
> 10.100.0.0/30  scope link    <- route is there!
>
> Post output of your "ip addr sh" and "ip ro show" and steps you take to
> set things up.
>
>>What about routing into not "dev br0.26" but to "dev br0"?
>
> In case of routing on br0 and not br0.26 AFAIK bridge would be sending
> replies untagged on native vlan. Maybe there are some ebtables hacks
> I don't know about.
>
> Best regards,
> Marek Kierdelewicz
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux