Re: Getting 802.1Q VLAN ID from tagged packets with hardwareacceleration on

[Garry Dolley]

On Sun, Mar 22, 2009 at 09:04:50PM -0700, Stephen Hemminger wrote:
> On Sun, 22 Mar 2009 06:26:20 -0700
> Garry Dolley <gdolley@xxxxxxxxxxxxxxx> wrote:
> 
> > Dear linux-net,
> > 
> > I'm running the stock kernel of Ubuntu Hardy:
> > 2.6.27-7-generic #1 SMP Tue Nov 4 19:33:06 UTC 2008 x86_64 GNU/Linux
> > 
> > My eth0 is:
> > driver: e1000e
> > version: 0.3.3.3-k6
> > firmware-version: 2.1-12
> > bus-info: 0000:04:00.0
> > 
> > If have several VLANs configured on eth0, such as:
> > 
> >   eth0.105
> >   eth0.106
> >   eth0.107
> > 
> > When I run tcpdump on each, I can see the traffic for the respective VLAN.
> > When I tcpdump eth0, I can see the traffic for *all* the VLANs.
> > 
> > So far so good.
> > 
> > Except, when I look at the traffic for all the VLANs, the VLAN ID is not
> > present.  Many hours of googling, looking at the e1000e driver code and VLAN
> > code, and picking other ppl's brains, has led me to believe that VLAN
> > hardware acceleration is stripping the tag from the frame, so I can't actually
> > see the VLAN ID.
> > 
> > So my question is, is it possible to turn hwaccel off for this card without
> > hacking and recompiling the driver?  Or can I get the VLAN ID using some other
> > method that I don't know about?
> 
> no, without recompiling driver.

Roger that.

> > Also, some of code and commit messages I've read seem to indicate even if
> > tcpdump could show me the VLAN ID, I wouldn't necessarily get any of this
> > traffic unless eth0 is in promisc mode.
> 
> There are patches to libpcap, that teach it how to handle this.
>   http://www.mail-archive.com/tcpdump-workers@xxxxxxxxxxxxxxxxx/msg03866.html

Awesome, thanks for that link.

> > My main goal here is to be able to bridge eth0 to another device and ensure
> > that that device can see all the tagged traffic that comes in eth0.  eth0 is
> > plugged into a Cisco switch and is a trunk port.
> > 
> > Any suggestions?
> 
> Find (or patch) a version of tcpdump that knows about PACKET_AUXDATA

Roger that.

OK, now for some news; I think I solved my problem.

VLAN hardware acceleration wasn't the issue; as of kernel 2.6.27, I
*can* see all the vlan tags on eth0, but there is a big catch --
eth0 cannot actually participate in any VLANs.

That is, if no VLANs have been configured on eth0, I can tcpdump
like so:

  tcpdump -i eth0 vlan

and see all the traffic with the tags.

But as soon as I do:

  vconfig add eth0 500

Thereby creating eth0.500, then:

  tcpdump -i eth0 vlan

shows absolutely no traffic.

However:

  tcpdump -i eth0

shows all the traffic, like in my first example, except the packets are
all *untagged*.

I take it as soon as a VLAN is added to eth0, creating a
sub-interface (eth0.500), then only the sub-interfaces "see"
traffic (and they are untagged, as expected).  The main interface,
eth0, no longer sees the VLAN tags, they have been stripped out
already (by 8021q module maybe?).

-- 
Garry Dolley
ARP Networks, Inc.                          http://www.arpnetworks.com
Data center, VPS, and IP transit solutions  (818) 206-0181
Member Los Angeles County REACT, Unit 336   WQGK336
Blog                                        http://scie.nti.st

--
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html