From: Jesse Gross <jesse@nicira.com>
To: Christian Hesse <mail@eworm.de>
Cc: netdev@vger.kernel.org
Subject: Re: sky2, vlan and nat/masquerading
Date: Thu, 17 Mar 2011 12:23:48 -0700 [thread overview]
Message-ID: <AANLkTikeVWuDMhws4JX0S+WhKFja8zU_2ZY3KZZUAXks@mail.gmail.com> (raw)
In-Reply-To: <20110315085326.1a1019aa@leda.vpn.lugor.de>
On Tue, Mar 15, 2011 at 12:53 AM, Christian Hesse <mail@eworm.de> wrote:
> On Mon, 14 Mar 2011 18:55:17 -0700 Jesse Gross <jesse@nicira.com> wrote:
>> On Mon, Mar 14, 2011 at 3:11 AM, Christian Hesse <mail@eworm.de> wrote:
>> > Ok, let me explain step by step:
>>
>> Thank you, this helps a lot in understanding your setup.
>>
>> >
>> > * Host sends icmp echo request (172.16.0.21 -> 192.168.100.3) to router
>> > 172.16.0.1, the packet is untagged.
>> > * Switch receives the packet on native interface with vid 2, tags it and
>> > sends it to the trunk)
>> > * Netbook receives the packet from trunk, untags it an queues it to vlan
>> > interface 2.
>> > * Netbook nats the packet (192.168.x.140 > 192.168.100.3), tags it with
>> > vlan 2 and sends it to the trunk.
>>
>> For clarity, I'm assuming that this is supposed to be vlan 1?
>
> Sorry, little typo. Yes, you are right.
>
>> > * Switch receives the packet from trunk, untags it and sends it to native
>> > interface with vlan 1.
>> > * The packet and its answer (192.168.100.3 -> 192.168.x.140) make their
>> > way through the network.
>> > * Switch receives the icmp echo reply on native interface with vlan 1,
>> > tags it and sends it to the trunk
>> > * Netbook receives the packet from trunk, untags it an queues it to vlan
>> > interface 1.
>> > * Netbooks restores the original addresses from nat (192.168.100.3 ->
>> > 172.16.0.21), _tags_it_with_vlan_0_, tags it with vlan 2 and sends it to
>> > the trunk
>>
>> Can you capture a packet trace on the netbook's Ethernet interface to
>> see what it thinks it is sending?
>
> Ok, I have two traces for you: from the vlan interface and from the native
> interface. First ping to 172.16.0.65 is ok, second one to 192.168.100.3 fails.
>
> Please don't be confused, vlan 1 is vlan 3 this time and addresses
> changed a little bit. ;)
Hmm, it's pretty interesting that the extra vlan tag magically
appears. I'll have to reproduce it to investigate further, as the
source isn't readily obvious to me. You said that if you swap out a
different NIC but keep everything else the same the problem goes away?
That also is strange because the packet capture should take place
before the driver.
Can you try using ethtool to turn off txvlan and see if that makes a difference?
next prev parent reply other threads:[~2011-03-17 19:24 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-09 17:15 sky2, vlan and nat/masquerading Christian Hesse
2011-03-12 0:39 ` Jesse Gross
2011-03-14 10:11 ` Christian Hesse
2011-03-15 1:55 ` Jesse Gross
2011-03-15 7:53 ` Christian Hesse
2011-03-15 7:56 ` Christian Hesse
2011-03-17 19:23 ` Jesse Gross [this message]
2011-03-17 21:40 ` Christian Hesse
2011-03-18 6:46 ` Christian Hesse
2011-03-22 2:14 ` Jesse Gross
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=AANLkTikeVWuDMhws4JX0S+WhKFja8zU_2ZY3KZZUAXks@mail.gmail.com \
--to=jesse@nicira.com \
--cc=mail@eworm.de \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).