NAME
vlan - IEEE 802.1Q VLAN network interface
SYNOPSIS
To compile this driver into the kernel, place the following lines in your
kernel configuration file:
device vlan
Alternatively, to load the driver as a module at boot time, place the
following line in loader.conf(5):
if_vlan_load="YES"
DESCRIPTION
The vlan driver demultiplexes frames tagged according to the IEEE 802.1Q
standard into logical vlan network interfaces, which allows
routing/bridging between multiple VLANs through a single switch trunk
port.
Each vlan interface is created at runtime using interface cloning. This
is most easily done with the ifconfig(8) create command or using the
cloned_interfaces variable in rc.conf(5).
To function, a vlan interface must be assigned a parent interface and
numeric VLAN tag using ifconfig(8). A single parent can be assigned to
multiple vlan interfaces provided they have different tags. The parent
interface is likely to be an Ethernet card connected to a properly
configured switch port. The VLAN tag should match one of those set up in
the switched network.
Initially vlan assumes the same minimum length for tagged and untagged
frames. This mode is selected by the sysctl(8) variable
net.link.vlan.soft_pad set to 0 (default). However, there are network
devices that fail to adjust frame length, should it fall below the
allowed minimum due to untagging. Such devices should be able to
interoperate with vlan after changing the value of net.link.vlan.soft_pad
to 1. In the latter mode, vlan will pad short frames before tagging them
so that their length stays not less than the minimum value after
untagging by the non-compliant devices.
HARDWARE
The vlan driver supports efficient operation over parent interfaces that
can provide help in processing VLANs. Such interfaces are automatically
recognized by their capabilities. Depending on the level of
sophistication found in a physical interface, it may do full VLAN
processing or just be able to receive and transmit long frames (up to
1522 bytes including an Ethernet header and FCS). The capabilities may
be user-controlled by the respective parameters to ifconfig(8), vlanhwtag
and vlanmtu. However, a physical interface is not obliged to react to
them: It may have either capability enabled permanently without a way to
turn it off. The whole issue is very specific to a particular device and
its driver.
By now, the list of physical interfaces able of full VLAN processing in
the hardware is limited to the following devices: ae(4), age(4), alc(4),
ale(4), bce(4), bge(4), cxgb(4), em(4), ixgb(4), jme(4), msk(4), nge(4),
re(4), stge(4), ti(4), txp(4), and vge(4).
The rest of the Ethernet interfaces can run VLANs using software
emulation in the vlan driver. However, some of them lack the capability
of transmitting and receiving long frames. Assigning such an interface
as the parent to vlan will result in a reduced MTU on the corresponding
vlan interfaces. In the modern Internet, this is likely to cause tcp(4)
connectivity problems due to massive, inadequate icmp(4) filtering that
breaks the Path MTU Discovery mechanism.
The following interfaces support long frames for vlan natively: bfe(4),
cas(4), dc(4), fwe(4), fxp(4), gem(4), hme(4), le(4), nfe(4), nve(4),
rl(4), sf(4), sis(4), sk(4), ste(4), tl(4), tx(4), vr(4), and xl(4).
The vlan driver automatically recognizes devices that natively support
long frames for vlan use and calculates the appropriate frame MTU based
on the capabilities of the parent interface. Some other interfaces not
listed above may handle long frames, but they do not advertise this
ability of theirs. The MTU setting on vlan can be corrected manually if
used in conjunction with such a parent interface.
SEE ALSO
ifconfig(8), sysctl(8)
BUGS
No 802.1Q features except VLAN tagging are implemented.