Zoilo Gomez wrote: > Hi Joe, and others on this group, > > I found your messages from March 2005 in this VLAN candelatech.com > mailing list, concerning VLAN stripping on Intel. Have you ever been > able to get this working? > > I have the following setup on a router (gentoo / linux-2.6.16.20): > => eth0: external DSL link > => eth1: internal e1000 gigabit nic, connected to hp2626 vlan-switch. > > On eth1, I have created several VLANs, say vlan1 - vlan9, to separate > different groups of clients / traffic. > > As pointed out by you and others, the hardware vlan insertion/stripping > makes that, if a ping is performed through eg. vlan2, then: > => tcpdump -n -i vlan2: will reveal both icmp-request en icmp-reply > packets (untagged), however > => tcpdump -n -i eth1: will reveal only the icmp-request packets, and in > untagged format. > > WYSINWYG! > > What I need to do is traffic-shaping (http://www.lartc.org) based on > VLAN. I want to use iptables/ebtables to mark packets on different > vlans, so I can use 'tc filter' on eth1 to sort them into different > classes for my qdisc. DSL (eth0) download shaping must occur on eth1 > (egress interface). It cannot be done on individual vlan interfaces, > since then there would be no way to have them use each others unused > bandwidth. > > But if I understand things correctly, then this is in fact impossible, > because I cannot seem to match/mark these packets in any way on eth1 (in > spite of the spooky egress vlan traffic on eth1 / tcpdump !?! You can > see it, but you cannot match it). > > So besides it being a nuisance that tcpdump is in fact broken (showing > things that are not there, and not showing things that are there) it > seems impossible to do proper traffic shaping, because of the hardware > vlan tagging. When I try this on a e100 (no hardware vlan tagging) then > tcpdump works as expected (I see all tagged packets on eth1, and I see > all untagged packets on vlanX) and I can also match the packets as > expected. > > AFAICS there is no easy way to disable hardware tagging on e1000, so I > would need to hack the driver. > > Is there another way to work around this? > > Or perhaps does someone know another Gigabit NIC where hardware vlan > tagging can easily be disabled (or is absent)? > > Any suggestions / experiences will be greatly appreciated ! You not see the packets with tcpdump on eth1, but they are there. Just attach tc filters on eth1 and use marking. I have also this situation and works perfectly. > Z. > > _______________________________________________ > Vlan mailing list > Vlan@xxxxxxxxxxxxxxx > http://www.candelatech.com/mailman/listinfo/vlan > >
