Hi Joe, and others on this group, I found your messages from March 2005 in this VLAN candelatech.com mailing list, concerning VLAN stripping on Intel. Have you ever been able to get this working? I have the following setup on a router (gentoo / linux-2.6.16.20): => eth0: external DSL link => eth1: internal e1000 gigabit nic, connected to hp2626 vlan-switch. On eth1, I have created several VLANs, say vlan1 - vlan9, to separate different groups of clients / traffic. As pointed out by you and others, the hardware vlan insertion/stripping makes that, if a ping is performed through eg. vlan2, then: => tcpdump -n -i vlan2: will reveal both icmp-request en icmp-reply packets (untagged), however => tcpdump -n -i eth1: will reveal only the icmp-request packets, and in untagged format. WYSINWYG! What I need to do is traffic-shaping (http://www.lartc.org) based on VLAN. I want to use iptables/ebtables to mark packets on different vlans, so I can use 'tc filter' on eth1 to sort them into different classes for my qdisc. DSL (eth0) download shaping must occur on eth1 (egress interface). It cannot be done on individual vlan interfaces, since then there would be no way to have them use each others unused bandwidth. But if I understand things correctly, then this is in fact impossible, because I cannot seem to match/mark these packets in any way on eth1 (in spite of the spooky egress vlan traffic on eth1 / tcpdump !?! You can see it, but you cannot match it). So besides it being a nuisance that tcpdump is in fact broken (showing things that are not there, and not showing things that are there) it seems impossible to do proper traffic shaping, because of the hardware vlan tagging. When I try this on a e100 (no hardware vlan tagging) then tcpdump works as expected (I see all tagged packets on eth1, and I see all untagged packets on vlanX) and I can also match the packets as expected. AFAICS there is no easy way to disable hardware tagging on e1000, so I would need to hack the driver. Is there another way to work around this? Or perhaps does someone know another Gigabit NIC where hardware vlan tagging can easily be disabled (or is absent)? Any suggestions / experiences will be greatly appreciated ! Z.