Tagged/untagged and gretap bridging question.

Tagged/untagged and gretap bridging question.

[Jonathan Thibault]

Greetings list,

Assuming the following network setup of three locations linked by two
ethernet over gre (gretap) tunnels.

I am assuming that a broadcast on the local network, if it comes
untagged to eth0 will reach both network1 and network2 untagged.

My main question is about a broadcast happening in the tagged portion of
(local network).  Is there a chance for an ethernet broadcast in vlan 1
on the local network to reach remote network 2?  I'm thinking not, but
if I tcpdump an interface that has vlans enabled, I will see the tagged
packets on eth0.  As such I wonder if they will travel through br0 to
the remote locations as well, something I would rather avoid.

(local network)
|                                              (remote network 1)
| eth0.1 <--br1--> gre1.1                                       |
+-eth0   <--br0--> gre1-- (l3_to_host1) -- gre0 <--br0--> eth0-+
            |
            +----> gre2 -- (l3-to_host2) -- gre0 <--br0--> eth0-+
  eth0.2 <--br2--> gre2.2                                       |
                                               (remote network 2)

Of interest too is knowing if the tags will survive all the way to
remote networks or if I need to enable vlans on the remote gretap and
ethernet interfaces as well for them to work.

Alternatively, the setup would look like this:

(local network)
|                                              (remote network 1)
| eth0.1 <--br1--> gre1.1                                       |
| eth0.3 <--br0--> gre1-- (l3_to_host1) -- gre0 <--br0--> eth0-+
+-eth0
  eth0.4 <--br3-->gre2 -- (l3-to_host2) -- gre0 <--br0--> eth0-+
  eth0.2 <--br2--> gre2.2                                       |
                                               (remote network 2)

The goal being not to see any untagged frames coming out on the local
network from remote locations and instead having them appear in specific
local vlans.

So at the core of my questions really is this:  Will bridging the
untagged portion of an interface that has vlans enabled (eth0 when
eth0.x exists) let tagged frames go through to other members of the bridge?

Thanks for your collective wisdom,

Jonathan

P.S.:  Please include me in the CC, I am not currently a member of the list.

Ethernet over GRE and vlans

[Jonathan Thibault]

As per one of my previous posts, imagine a setup like this:

Three linux hosts connected to their individual 802.1Q network via
eth0 interface linked by a L3 network through their eth1 interface.
 
 (local network)
 |                                              (remote network 1)
 | eth0.1 <--br1--> gre1.1                                       |
 | eth0.3 <--br0--> gre1 -- (l3_to_host1) -- gre0 <--br0--> eth0-+
 +-eth0
   eth0.4 <--br3--> gre2 -- (l3-to_host2) -- gre0 <--br0--> eth0-+
   eth0.2 <--br2--> gre2.2                                       |
                                                (remote network 2)
 
Wanting only untagged packets from remote networks 1 and 2 requires
simple ebtables rules wich answers my original query.  But I ran into
a strange issue where vlan1 and vlan2 tagged packets from their
respective remote networks do not appear on gre1.1 and gre2.2
interfaces at all.

I see the tagged packets on the gre1 and gre2 interfaces respectively
but cannot make their untagged equivalent (or anything else) show up
on gre2.2 and gre1.1 as they would on standard ethernet devices.

Is it wrong on my part to expect such behaviour from gretap devices
or is this simply not possible/implemented yet?

Please include me in replies, I am not currently subscribed to netdev.

Jonathan

P.S.:  I CCed Mr. Xu as I believe he originally submitted gretap
patches.

Re: Ethernet over GRE and vlans

[Herbert Xu]

On Sat, Jan 29, 2011 at 12:16:06AM -0500, Jonathan Thibault wrote:
>
> Is it wrong on my part to expect such behaviour from gretap devices
> or is this simply not possible/implemented yet?

I don't see why this shouldn't work, so it might be a bug or
misconfiguration.  How did you setup gre1.1 and gre2.2?

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: Ethernet over GRE and vlans

[Jonathan Thibault]

On 21/02/11 12:38 AM, Herbert Xu wrote:
> On Sat, Jan 29, 2011 at 12:16:06AM -0500, Jonathan Thibault wrote:
>> Is it wrong on my part to expect such behaviour from gretap devices
>> or is this simply not possible/implemented yet?
> I don't see why this shouldn't work, so it might be a bug or
> misconfiguration.  How did you setup gre1.1 and gre2.2?
>
> Cheers,
I simply ran:

vconfig add rcg0 1
ifconfig rcg0.1 up

(the gretap interface is called rcg0, obviously)

Now that I think of it I did not try to add the vlan using the 'ip link
add' command though I'm not entirely sure it would make much of a
difference.  We sort of bypassed the problem using more hardware so the
test rig is dismantled now but if you feel there really is something to
it, I can set it back up.

Thanks again,

Jonathan

P.S.:  Gretap flies...  The little atom 1.6 boards I tested this on gave
me 877Mbit/sec without breaking a sweat.