That depends... In all this - our role is similar to an ISP, but we are buying access to our customers from an external part. Every customer is delivered on a separate vlan trunked.
- Our DSL customers cannot be set on the same VLAN i a single DSLAM (don't ask me why - ask Alcatel). - We cannot build a simple bridge because the Network service provider can't handle when a MAC-address shows up on 2 different VLAN's. The arp-proxy should do the following: - Forward any broadcast packets but rewrite src to its own mac. - Forward unicast packets according to FDB but rewrite src to its own mac. I hope this makes it clear. /J On Thu, 2005-11-10 at 12:49 +0000, Brian Candler wrote: > On Wed, Nov 09, 2005 at 02:06:28PM +0100, Jon Otterholm wrote: > > I want to create a bridge-interface (if_bridge) with a bunch (500+) of > > sub-interfaces (vlan) as members. All members of the bridge should be > > able to "talk" to each other but MAC-addresses must be isolated to their > > "own" vlan. > > That doesn't really make any sense to me, can you give a concrete example of > how it should behave? And/or a higher-level description of what it is you're > actually trying to achieve? > > Note that if the VLANs are *bridged* together then: > (1) they form a single broadcast domain. A broadcast packet on any one VLAN > will be forwarded to all other VLANs > (2) a unicast packet to MAC address XX:XX:XX:XX:XX:XX will be forwarded only > to the VLAN which has that node, as long as the forwarding table knows > where it is (if not, it will be forwarded to all VLANs) > > So bridging VLANs really just collapses them back into a single LAN, which > means you shouldn't have set up any VLANs in the first place :-( _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
