On 1/30/08, Christopher Cowart <[EMAIL PROTECTED]> wrote:
>
> Trunking is definitely what you want. I'm using it successfully
> between Cisco switches and FreeBSD in a number of places.
>
> Here's IOS:
> | interface GigabitEthernet1/0/8
> | description dev-wireless-aux
> | switchport trunk encapsulation dot1q
> | switchport trunk native vlan 8
> | switchport trunk allowed vlan 88,665,679
> | switchport mode trunk
> | spanning-tree bpduguard enable
Here is my IOS:
interface GigabitEthernet3/18
description Novo FW01
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2,11,16,20,200-205
switchport mode trunk
>
> Here's rc.conf:
> | ifconfig_fxp1="up"
> | ifconfig_vlan88="inet 10.8.0.2 netmask 0xffffc000 vlan 88
> | vlandev fxp1"
> | ifconfig_vlan88_alias0="inet 10.8.0.1 netmask 0xffffffff"
> | ifconfig_vlan665="inet 169.229.65.132 netmask 0xffffffc0 vlan 665
> | vlandev fxp1"
> | ifconfig_vlan679="inet 169.229.79.132 netmask 0xffffff80 vlan 679
> | vlandev fxp1"
>
> You may have already done so, but make sure your trunk is in dot1q mode.
> The default trunking protocol is a Cisco proprietary something, if I
> understand correctly.
My rc.conf is similar too...
But I think that I find the problem... I setup a test environment
similar to the production and to simulate the the traffic I'm using
netperf, here is the environment.
FW1 --- ----- M1
| |
--- cisco 4506 --
|
----- M2
The FW1 is the gateway connected to cisco 4506 throught bce1 gigabit
interface, on top of bce1 are configured the vlan2 and vlan5, M1 is a
machine connected to vlan2 and M2 is a machine connected to vlan5.
I'm running pf to filter the traffic between vlan in FW1,
Here is the result when I run netperf from M5 connecting M2 netserver
with FW1 pf enabled:
# netperf -H 10.2.0.46 -p 1025
TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 10.2.0.46
(10.2.0.46) port 0 AF_INET
Recv Send Send
Socket Socket Message Elapsed
Size Size Size Time Throughput
bytes bytes bytes secs. 10^6bits/sec
65536 32768 32768 17.11 8.03
Here is the result when I run netperf from M5 connecting M2 netserver
with FW1 pf *disabled*:
# netperf -H 10.2.0.46 -p 1025
TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 10.2.0.46
(10.2.0.46) port 0 AF_INET
Recv Send Send
Socket Socket Message Elapsed
Size Size Size Time Throughput
bytes bytes bytes secs. 10^6bits/sec
65536 32768 32768 11.45 92.35
I would expect some slow down or latency by enable pf, but not have a
10 times slow down.
Any other idea ?
Is Max Laier subscribed -net ?
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
