Hello, On Mon, Mar 05, 2007 at 10:15:27AM +0800, net-wolf wrote: > [root@ws root]# > -------------------------------- > When bridge is up, 99% ping packet for box B to box A is lost,but box B did > get right mac address of box A. > I have also tried > ifconfig eth1.2 hw ehter 00:90:27:8C:3F:E2 > ifconfig eth1.2 hw ehter 00:90:27:8C:3F:E3 > but no lucky. This means you do not understand the real issue here :-) > Sorry for such a long post, any hints is appreciated. > Hello, Ard van Breemen , I think catalyst 2924 XL support IVL,do you think so? http://www.cisco.com/en/US/products/hw/switches/ps607/products_data_sheet09186a00800922fe.html It's end of life, and with only a 3.2Gb/s I doubt it would do IVL. Only the latest catalyst release added 802.1Q. And seeing your problems you definitely have SVL :-(. So you have the following choices: - Buy a new expensive switch (>10000 euro for an IVL if I am correct) - Buy a wrt device (around 50 euro's), and put you router in an even numbered vlan, and your hosts in an odd numbered vlan. - Do mac-address masquerading (never done it) - Do proxy-arp and use routed networks on your router. Using proxy-arp, the hosts don't have to know that they don't see eachother. Proxy-arp is described in http://lartc.org/ The problem: One host does an arp. This means the bridge on the router *must* forward that packet, and will do so exactly. Since the switch was never build to think in seperate vlans, it will see the mac-address move from the host-port to the router port. Any new traffic destined for that host will go to the router port. The router will bridge it further, and the switch will drop it, since the mac-address is only known at the port of the router. SVL is the same as having a normal switch: you only have a mac-address->port lookup, except that traffic is filtered on vlan level. In IVL, you have an independent vlan+mac-address->port lookup. Regards, Ard _______________________________________________ Vlan mailing list Vlan@xxxxxxxxxxxxxxx http://www.candelatech.com/mailman/listinfo/vlan
