David Sommerseth wrote: > I'll admit I don't understand too much how the VLAN's really work in > core network code.
There's a prefix, and a wrapper to create virtual interfaces. And there's the vconfig tool to do configuration. NIC drivers need to support oversize frames. vconfig add eth0 4 # VLAN 4 will be tagged on eth0 So to test this, one could do: vconfig add tap0 4 # Creates tap9.4 which is VLAN 4 on tap9 Then run openvpn --mode server --vlan-tag 4 on that tap0, and client traffic should then come out of tap0.4 rather than tap0. > I'll try to find some time to read through the patches once more. > > [* Other reviewers are most welcome to have a look as well! *] I think they looked okey, apart from the things I pointed out already. > You scare at least me when stating that this code "was originally > only intended as a proof of concept", which is why I'm not signing > off these patches immediately and giving you a feature branch. > But I'm open for full inclusion! I'm generally in favor too. Although originally PoC I think this looks like good quality now, and VLANs are actually really simple. I would like to request extra special thorough review of broadcast domain separation though, so that it's certain that nothing will jump VLANs. //Peter
