[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: VLAN-Problems



The first thing I noticed is that SK0 is only at half duplex and you
have "duplex full" on the switch port.  This can cause similar problems
to what you are describing.  I've found it always best to set the speed
& duplex on both devices (switch and PC) when creating trunks.  HTH

-----Original Message-----
From: owner-misc_(_at_)_openbsd_(_dot_)_org [mailto:owner-misc_(_at_)_openbsd_(_dot_)_org] On Behalf
Of Heinrich Rebehn
Sent: Tuesday, April 04, 2006 12:13 PM
To: misc_(_at_)_openbsd_(_dot_)_org
Subject: VLAN-Problems

Hi all,

i am currently setting up a new firewall for our department. I already 
set up an OpenBSD Firewall and i am very satisfied with it :-)

The new machine is set up to use dot1q vlans in order to save on 
interfaces and ports in our Cisco switch.

This is the first time i am using dot1q and i am experiencing strange 
problems, which are not easy to describe, but i will try:

Generally, operation is *very* slow, if i try to ping one of the 
machine's interfaces, one ping is echoed, then it pauses for a minute, 
then another ping comes though.

ssh'ing into the box is possible after some 20 seconds delay (no, it is 
not reserve dns lookup), i can type commands and see the outputs, 
interspersed with occasional delays. As soon as i do a "tcpdump" on the 
interface that i used to login, the connection is dead.

Logging in and working locally works w/o problems.

Routing is very sluggish, close to unusable.

Some questions (could not find answers with google or mailinglist):

- Do the physical interfaces need an ip address (i guess not)
- Can i filter on the physical interfaces in pf / do i have to 
explicitly pass them (does not seem to make a difference)

If i change the configuration to non-vlan operation everything runs fine

  :-)

I am attaching ifconfig and dmesg output. The physical interface, sk0 is

shown as having "no carrier", this is because i had to pull the plug 
while taking the information because another machine (our old firewall) 
was running with the same address.

I have googled and looked in the mailing list, but did not find such 
problems mentioned. Does anybody have an idea? If i cannot get this to 
work, someone else will probably set up a linux firewall, which i would 
rather try to avoid..

I am not sure what type of switch is on the other end, here is some 
output that the admin mailed me:

vlan 86
name WLAN
!
vlan 182
name BackBone
!
interface FastEthernet6/19
description k307 n2340-19a
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 16,86,182,231,232
switchport mode trunk
duplex full

Thanks for any hints,

Heinrich Rebehn

University of Bremen
Physics / Electrical and Electronics Engineering
- Department of Telecommunications -

Phone : +49/421/218-4664
Fax   :            -3341
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33224
	groups: lo 
	inet 127.0.0.1 netmask 0xff000000 
sk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:13:d4:de:cf:88
	media: Ethernet autoselect (1000baseT half-duplex)
	status: no carrier
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:0a:5e:61:7a:2d
	media: Ethernet autoselect (none)
	status: no carrier
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:0a:5e:61:7a:04
	media: Ethernet autoselect (none)
	status: no carrier
pflog0: flags=0<> mtu 33224
pfsync0: flags=0<> mtu 1348
enc0: flags=0<> mtu 1536
vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:13:d4:de:cf:88
	vlan: 16 parent interface: sk0
	groups: vlan 
	inet 134.102.176.250 netmask 0xffffff00 broadcast
134.102.176.255
vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:13:d4:de:cf:88
	vlan: 231 parent interface: sk0
	groups: vlan 
vlan4: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:13:d4:de:cf:88
	vlan: 182 parent interface: sk0
	groups: vlan egress 
	inet 134.102.186.20 netmask 0xffffff00 broadcast 134.102.186.255
vlan5: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	lladdr 00:13:d4:de:cf:88
	vlan: 86 parent interface: sk0
	groups: vlan 
	inet 172.21.1.8 netmask 0xffff0000 broadcast 172.21.255.255
OpenBSD 3.8-stable (ANT) #2: Thu Mar 30 16:59:00 CEST 2006
 
root_(_at_)_openbsdmaster_(_dot_)_ant_(_dot_)_uni-bremen_(_dot_)_de:/root/flashboot-0.9beta1/obj/ANT
cpu0: AMD Athlon(tm) 64 Processor 3000+ ("AuthenticAMD" 686-class, 512KB
L2 cache) 1.81 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
CFLUSH,MMX,FXSR,SSE,SSE2,SSE3
cpu0: AMD Powernow: FID VID TTP TM STC
real mem  = 536125440 (523560K)
avail mem = 459415552 (448648K)
using 4278 buffers containing 26910720 bytes (26280K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 11/03/05, BIOS32 rev. 0 @
0xf0010
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf0000/0x10000
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf5980/192 (10 entries)
pcibios0: no compatible PCI ICU found: ICU vendor 0x1106 product 0x3227
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc0000/0xb000 0xcb000/0x800 0xcb800/0x800
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "VIA K8HTB Host" rev 0x00
pchb1 at pci0 dev 0 function 1 "VIA K8HTB Host" rev 0x00
pchb2 at pci0 dev 0 function 2 "VIA K8HTB Host" rev 0x00
pchb3 at pci0 dev 0 function 3 "VIA K8HTB Host" rev 0x00
pchb4 at pci0 dev 0 function 4 "VIA K8HTB Host" rev 0x00
pchb5 at pci0 dev 0 function 7 "VIA K8HTB Host" rev 0x00
ppb0 at pci0 dev 1 function 0 "VIA K8HTB AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Rage 128 Pro TF" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
skc0 at pci0 dev 10 function 0 "Marvell SKv2" rev 0x13: irq 10
skc0: Marvell Yukon Lite (0x9)
sk0 at skc0 port A: address 00:13:d4:de:cf:88
eephy0 at sk0 phy 0: Marvell 88E1011 Gigabit PHY, rev. 5
xl0 at pci0 dev 12 function 0 "3Com 3c905C 100Base-TX" rev 0x78: irq 10,
address 00:0a:5e:61:7a:2d
exphy0 at xl0 phy 24: 3Com internal media interface
xl1 at pci0 dev 14 function 0 "3Com 3c905C 100Base-TX" rev 0x78: irq 3,
address 00:0a:5e:61:7a:04
exphy1 at xl1 phy 24: 3Com internal media interface
pciide0 at pci0 dev 15 function 0 "VIA VT8237 SATA" rev 0x80: DMA
pciide0: using irq 10 for native-PCI interrupt
pciide1 at pci0 dev 15 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133,
channel 0 configured to compatibility, channel 1 configured to
compatibility
drive at pciide1 channel 0 drive 0 not configured
pciide1: channel 0 disabled (no drives)
pciide1: channel 1 disabled (no drives)
uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x81: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x81: irq 11
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x81: irq 10
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 16 function 3 "VIA VT83C572 USB" rev 0x81: irq 10
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x86: irq 5
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: VIA EHCI root hub, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
pcib0 at pci0 dev 17 function 0 "VIA VT8237 ISA" rev 0x00
"VIA VT8233 AC97" rev 0x60 at pci0 dev 17 function 5 not configured
pchb6 at pci0 dev 24 function 0 "AMD AMD64 HyperTransport" rev 0x00
pchb7 at pci0 dev 24 function 1 "AMD AMD64 Address Map" rev 0x00
pchb8 at pci0 dev 24 function 2 "AMD AMD64 DRAM Cfg" rev 0x00
pchb9 at pci0 dev 24 function 3 "AMD AMD64 Misc Cfg" rev 0x00
isa0 at pcib0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
sysbeep0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask ffe5 netmask ffed ttymask ffef
rd0: fixed, 49152 blocks
pctr: user-level cycle counter enabled
uhub5 at uhub4 port 4
uhub5: Prolific Technology Inc. USB Embedded Hub, rev 2.00/1.00, addr 2
uhub5: 1 port with 0 removable, self powered, single transaction
translator
uhidev0 at uhub0 port 1 configuration 1 interface 0
uhidev0: Logitech USB Receiver, rev 1.10/17.21, addr 2, iclass 3/1
ukbd0 at uhidev0: 8 modifier keys, 6 key codes
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
uhidev1 at uhub0 port 1 configuration 1 interface 1
uhidev1: Logitech USB Receiver, rev 1.10/17.21, addr 2, iclass 3/1
uhidev1: 4 report ids
ums0 at uhidev1 reportid 1: 16 buttons and Z dir.
wsmouse0 at ums0 mux 0
uhid0 at uhidev1 reportid 2: input=2, output=0, feature=0
uhid1 at uhidev1 reportid 3: input=1, output=0, feature=0
uhid2 at uhidev1 reportid 4: input=3, output=0, feature=0
umass0 at uhub5 port 1 configuration 1 interface 0
umass0: Prolific Technology Inc. USB Mass Storage Device, rev 2.00/1.00,
addr 3
umass0: using ATAPI over Bulk-Only
scsibus0 at umass0: 2 targets
sd0 at scsibus0 targ 1 lun 0: <Corsair, Flash Voyager, 1.00> SCSI0
0/direct removable
sd0: 124MB, 124 cyl, 64 head, 32 sec, 512 bytes/sec, 253952 sec total
dkcsum: sd0 matches BIOS drive 0x80
root on rd0a
rootdev=0x1100 rrootdev=0x2f00 rawdev=0x2f02
OpenBSD 3.8-stable (ANT) #2: Thu Mar 30 16:59:00 CEST 2006
 
root_(_at_)_openbsdmaster_(_dot_)_ant_(_dot_)_uni-bremen_(_dot_)_de:/root/flashboot-0.9beta1/obj/ANT
cpu0: AMD Athlon(tm) 64 Processor 3000+ ("AuthenticAMD" 686-class, 512KB
L2 cache) 1.81 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
CFLUSH,MMX,FXSR,SSE,SSE2,SSE3
cpu0: AMD Powernow: FID VID TTP TM STC
real mem  = 536125440 (523560K)
avail mem = 459415552 (448648K)
using 4278 buffers containing 26910720 bytes (26280K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 11/03/05, BIOS32 rev. 0 @
0xf0010
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf0000/0x10000
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf5980/192 (10 entries)
pcibios0: no compatible PCI ICU found: ICU vendor 0x1106 product 0x3227
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc0000/0xb000 0xcb000/0x800 0xcb800/0x800
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "VIA K8HTB Host" rev 0x00
pchb1 at pci0 dev 0 function 1 "VIA K8HTB Host" rev 0x00
pchb2 at pci0 dev 0 function 2 "VIA K8HTB Host" rev 0x00
pchb3 at pci0 dev 0 function 3 "VIA K8HTB Host" rev 0x00
pchb4 at pci0 dev 0 function 4 "VIA K8HTB Host" rev 0x00
pchb5 at pci0 dev 0 function 7 "VIA K8HTB Host" rev 0x00
ppb0 at pci0 dev 1 function 0 "VIA K8HTB AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Rage 128 Pro TF" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
skc0 at pci0 dev 10 function 0 "Marvell SKv2" rev 0x13: irq 10
skc0: Marvell Yukon Lite (0x9)
sk0 at skc0 port A: address 00:13:d4:de:cf:88
eephy0 at sk0 phy 0: Marvell 88E1011 Gigabit PHY, rev. 5
xl0 at pci0 dev 12 function 0 "3Com 3c905C 100Base-TX" rev 0x78: irq 10,
address 00:0a:5e:61:7a:2d
exphy0 at xl0 phy 24: 3Com internal media interface
xl1 at pci0 dev 14 function 0 "3Com 3c905C 100Base-TX" rev 0x78: irq 3,
address 00:0a:5e:61:7a:04
exphy1 at xl1 phy 24: 3Com internal media interface
pciide0 at pci0 dev 15 function 0 "VIA VT8237 SATA" rev 0x80: DMA
pciide0: using irq 10 for native-PCI interrupt
pciide1 at pci0 dev 15 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133,
channel 0 configured to compatibility, channel 1 configured to
compatibility
drive at pciide1 channel 0 drive 0 not configured
pciide1: channel 0 disabled (no drives)
pciide1: channel 1 disabled (no drives)
uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x81: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x81: irq 11
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x81: irq 10
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 16 function 3 "VIA VT83C572 USB" rev 0x81: irq 10
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x86: irq 5
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: VIA EHCI root hub, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
pcib0 at pci0 dev 17 function 0 "VIA VT8237 ISA" rev 0x00
"VIA VT8233 AC97" rev 0x60 at pci0 dev 17 function 5 not configured
pchb6 at pci0 dev 24 function 0 "AMD AMD64 HyperTransport" rev 0x00
pchb7 at pci0 dev 24 function 1 "AMD AMD64 Address Map" rev 0x00
pchb8 at pci0 dev 24 function 2 "AMD AMD64 DRAM Cfg" rev 0x00
pchb9 at pci0 dev 24 function 3 "AMD AMD64 Misc Cfg" rev 0x00
isa0 at pcib0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
sysbeep0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask ffe5 netmask ffed ttymask ffef
rd0: fixed, 49152 blocks
pctr: user-level cycle counter enabled
uhub5 at uhub4 port 4
uhub5: Prolific Technology Inc. USB Embedded Hub, rev 2.00/1.00, addr 2
uhub5: 1 port with 0 removable, self powered, single transaction
translator
uhidev0 at uhub0 port 1 configuration 1 interface 0
uhidev0: Logitech USB Receiver, rev 1.10/17.21, addr 2, iclass 3/1
ukbd0 at uhidev0: 8 modifier keys, 6 key codes
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
uhidev1 at uhub0 port 1 configuration 1 interface 1
uhidev1: Logitech USB Receiver, rev 1.10/17.21, addr 2, iclass 3/1
uhidev1: 4 report ids
ums0 at uhidev1 reportid 1: 16 buttons and Z dir.
wsmouse0 at ums0 mux 0
uhid0 at uhidev1 reportid 2: input=2, output=0, feature=0
uhid1 at uhidev1 reportid 3: input=1, output=0, feature=0
uhid2 at uhidev1 reportid 4: input=3, output=0, feature=0
umass0 at uhub5 port 1 configuration 1 interface 0
umass0: Prolific Technology Inc. USB Mass Storage Device, rev 2.00/1.00,
addr 3
umass0: using ATAPI over Bulk-Only
scsibus0 at umass0: 2 targets
sd0 at scsibus0 targ 1 lun 0: <Corsair, Flash Voyager, 1.00> SCSI0
0/direct removable
sd0: 124MB, 124 cyl, 64 head, 32 sec, 512 bytes/sec, 253952 sec total
dkcsum: sd0 matches BIOS drive 0x80
root on rd0a
rootdev=0x1100 rrootdev=0x2f00 rawdev=0x2f02