[ previous ] [ next ] [ threads ]
 
 From:  Rob Parker <rob dot parker at keycom dot co dot uk>
 To:  Kristian Shaw <monowall at wealdclose dot co dot uk>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] 1.21r91 and 802.1q VLAN tagging
 Date:  Tue, 7 Mar 2006 09:56:36 -0000
Hi Kris,

Thanks for the pointers there, unfortunately they haven't helped though :(
Adding the native vlan to the m0n0wall LAN port allows traffic from vlan 20
to reach m0n0wall, but *only* vlan 20 (we're testing with 20-25 to simulate
subscribers on multiple vlans). The nonegotiate option doesn't seem to have
made a difference either.. Just about to try with a non-Cisco switch in case
that is the problem, but it almost seems like m0n0wall is receiving the
tagged traffic, but not sending tagged traffic back (if that makes sense!).

Rob.

-----Original Message-----
From: Kristian Shaw [mailto:monowall at wealdclose dot co dot uk] 
Sent: 06 March 2006 18:30
To: Rob Parker; m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] 1.21r91 and 802.1q VLAN tagging

Hello,

Try adding

    switchport nonegotiate
    switchport trunk native vlan xx

to the configuration for fe0/2 (where you replace xx with the correct native
vlan)

You used to have to also add this in for trunks, but I'm not sure it applies
for your switch:

    switchport trunk encapsulation dot1q

Regards,

Kris.

----- Original Message -----
From: "Rob Parker" <rob dot parker at keycom dot co dot uk>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, March 06, 2006 1:03 PM
Subject: [m0n0wall] 1.21r91 and 802.1q VLAN tagging


> Hi all,
>
> I'm trying to use Jonathan's 1.22r91 image to test the VLAN tagging 
> support
> of m0n0wall before I begin developing some patches for per-user bandwidth
> control in the captive portal, however I am having some problems...
>
> I have a small testbed setup here with a Cisco 2950-48 and three ports
> configured for my testing - one for m0n0wall lan, one for m0n0wall wan, 
> and
> one as a test user. The Cisco config is as follows:
>
> interface FastEthernet0/2
> description m0n0-lan
> switchport trunk allowed vlan 20-25
> switchport mode trunk
> end
>
> interface FastEthernet0/17
> description m0n0-wan
> switchport access vlan 2
> end
>
> interface FastEthernet0/3
> description subscriber 1
> switchport access vlan 20
> end
>
> As you can see, fa0/3 is my 'test user' port on untagged vlan 20, fa0/2 is
> the m0n0wall LAN interface, is trunked (as dot1q) and has allowed vlans
> 20-25. The m0n0wall WAN port is on untagged vlan 2 (this is a vlan valid 
> on
> our internal network and has a route out to the internet for testing - I
> don't think this is important to this problem, though).
>
> m0n0wall is configured with vlan tags 20,21,22,23,24 and 25 on em0 (the 
> LAN
> interface of my test box).
>
> No traffic flows from the user port (fa0/3) to the m0n0wall LAN port
> (fa0/2). If I add a native vlan with tag 20 to the LAN port (fa0/2), it
> works fine, but without this no traffic will flow.
>
> I have also used exec.php to set 'ifconfig em0 vlanhwtag' to force the 
> card
> to enable VLAN hardware tagging support (which em supports), but this does
> not help.
>
> Has anyone else had this problem? Is anyone using the VLAN tagging support
> successfully? I've also tried the 1.3a3 FreeBSD 6 image, but exactly the
> same problem occurs. Any pointers or information would be greatly
> appreciated!
>
> Thanks!
>
> Rob.
>
> ---
>
> Rob Parker
> Network and Systems Administrator
> Keycom PLC
>
> t: +44 (0) 1785 717412
> m: +44 (0) 7973 912536
> e: rob dot parker at keycom dot co dot uk
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>