I'd like to clarify some issues I have with bridging tagged traffic on a Linux machine. I have a 2.6.20 kernel (802.1q, bridging, and ebtables are enabled) and a device with two network interfaces (eth0 and eth1).

  1. If I create a bridge br0 and add eth0.10 and eth1.10, assign an IP to br0, then tagged traffic goes through.

  2. If I create two bridges br0 (eth0.10, eth1.10) and br1 (eth0.20 and eth1.20) and assign IPs to br0 and br1 so they are in different subnets, then I can get VLAN 10 through br0 and VLAN 20 through br1.

  3. As soon as I want to add more than one VLAN to a bridge, it won't work any more.

What I want to do is to pass untagged and tagged (a set of selected VLANs) traffic through my machine, using one bridge, so that my machine has only one IP.

Is this even possible with my (old) kernel? Should I use a different approach to implement desired functionality?

Thank you very much.

Klemen

1 Answer

Of course, a bridge would forward any VLAN anyway, so there is no need for multiple VLAN bridges :-)

So, I have a br0 with interfaces eth0 and eth1 that has no IP set and is used to forward any traffic. To access the unit using a management VLAN 200, I create a br0.200 and set its IP.

So simple :-)

Klemen
  • Yes, you just need to add the base interfaces to the bridge. No need to set up any VLAN interfaces at all. The bridge will forward VLAN-tagged packages the same way as for regular packets. – scai Nov 07 '17 at 09:07
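
The setup described in the answer, as an added example that is not part of the original post or its comments: an address-less bridge over eth0 and eth1 that forwards tagged and untagged frames, plus a VLAN 200 sub-interface that carries the only IP. It assumes iproute2 syntax (the post does not say which tools were used); the function names `run`, `valid_vid` and `setup_bridge` are hypothetical and the address 192.0.2.10/24 is a constructed documentation value.

```shell
#!/bin/sh
# Added example: transparent bridge with a management VLAN sub-interface.
# Assumptions: iproute2 is installed; 192.0.2.10/24 is a constructed
# documentation address; function names are hypothetical.

# Print each command by default; set APPLY=1 (as root) to execute it.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

# valid_vid VID: succeeds only for a usable 802.1Q VLAN ID (1-4094).
valid_vid() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 4094 ]
}

# setup_bridge BRIDGE MGMT_VID MGMT_CIDR PORT...
setup_bridge() {
    br=$1; vid=$2; cidr=$3; shift 3
    valid_vid "$vid" || { echo "invalid VLAN ID: $vid" >&2; return 1; }
    [ "$#" -ge 2 ] || { echo "need at least two ports" >&2; return 1; }

    run ip link add name "$br" type bridge
    for port in "$@"; do
        # Base interfaces are enslaved directly and get no address;
        # the bridge forwards tagged and untagged frames between them.
        run ip link set "$port" master "$br"
        run ip link set "$port" up
    done
    run ip link set "$br" up

    # Only the VLAN sub-interface is addressed, so the host itself is
    # reachable on the management VLAN and on no other segment.
    run ip link add link "$br" name "$br.$vid" type vlan id "$vid"
    run ip addr add "$cidr" dev "$br.$vid"
    run ip link set "$br.$vid" up
}

# Dry run with the names from the answer (br0, eth0, eth1, VLAN 200).
setup_bridge br0 200 192.0.2.10/24 eth0 eth1
```

Leaving br0 itself without an address keeps the host's IP stack off the untagged segment and every forwarded VLAN other than the management one.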