Let me make a slight correction. VLAN is implemented in Layer -2, that is Link Layer, not Physical Layer. Also, I doubt, if you can get packets to all VLANs from an application which listens on eth0. Only untagged frames will be available from eth0. All tagged frames will be diverted to eth0.x. Now, the virtual interfaces act as protocol driver (L3) to the eth0 driver. But they expose themselves as a L2 NIC driver to the IP stack. (They register themselves as net_device). IMHO, you can use hooks provided in the stack, like netfilter etc. or the services provided by netpcap. best regards jojan -----Original Message----- From: vlan-bounces@xxxxxxxxxxxxxxx [mailto:vlan-bounces@xxxxxxxxxxxxxxx]On Behalf Of Peter Stuge Sent: Thursday, March 24, 2005 4:21 AM To: vlan@xxxxxxxxxxxx Subject: Re: [VLAN] VLAN, Linux, and raw sockets On Wed, Mar 23, 2005 at 02:39:17PM -0500, cnelson@xxxxxxxxxxxx wrote: > > On Wed, Mar 23, 2005 at 01:38:28PM -0500, cnelson@xxxxxxxxxxxx wrote: > > > Can I open a raw socket and get all traffic on an interface with > > > VLAN tags intact? Anything to get me started would be welcome. > > > > Use eth0. > > Are you saying that if I open eth0, I'll see everything but if I open > eth0.xx I'll only see traffic for VLAN xx? Right. Make sure to set eth0 in promiscuous mode and you'll get everything. > I've tinkered with this a little and what I seem to find is that if > my switch sends tagged frames to the Linux system, system services > (arp, etc.) don't work. I'm guessing that they don't know what to > do with tagged frames and that he frames aren't stripped. VLAN is implemented in the physical layer. It might help to think of it as a virtual NIC driver. (Although it isn't implemented that way.) VLAN interfaces are no different from other interfaces. But you have to add the VLAN interfaces before Linux will function on the VLANs. > > You could also check out libpcap which may be able to do > > most of the work for you. > > Processing tags myself is trivial -- it's just a 4-bytes offset in > the Ethernet frame. Right. libpcap is also pretty portable, and will probably offer a bell or whistle or two. > The problem I'm having is getting system services to ignore (or not > see) tags. Perhaps we could help more if we knew what your goal was. Why do you want to look at the VLAN tags? //Peter _______________________________________________ Vlan mailing list Vlan@xxxxxxxxxxxx http://www.lanforge.com/mailman/listinfo/vlan --------------------------------------------------------------------------- "This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken upon this e-mail is strictly prohibited and may be unlawful." ---------------------------------------------------------------------------