1.\" $OpenBSD: vlan.4,v 1.50 2018/11/16 08:43:52 dlg Exp $ 2.\" 3.\" Copyright (c) 2000 The NetBSD Foundation, Inc. 4.\" All rights reserved. 5.\" 6.\" This code is derived from software contributed to The NetBSD Foundation 7.\" by Jason R. Thorpe of Zembu Labs, Inc. 8.\" 9.\" Redistribution and use in source and binary forms, with or without 10.\" modification, are permitted provided that the following conditions 11.\" are met: 12.\" 1. Redistributions of source code must retain the above copyright 13.\" notice, this list of conditions and the following disclaimer. 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 19.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 20.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 21.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 22.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 23.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 24.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 25.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 26.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28.\" POSSIBILITY OF SUCH DAMAGE. 29.\" 30.Dd $Mdocdate: November 16 2018 $ 31.Dt VLAN 4 32.Os 33.Sh NAME 34.Nm vlan , 35.Nm svlan 36.Nd IEEE 802.1Q and 802.1ad pseudo-device 37.Sh SYNOPSIS 38.Cd "pseudo-device vlan" 39.Sh DESCRIPTION 40The 41.Nm vlan 42driver provides network interfaces supporting Virtual Local Area 43Networks (VLANs) on Ethernet networks. 44.Nm vlan 45interfaces implement virtual networks using the IEEE 802.1Q protocol. 46.Nm svlan 47interfaces implement virtual networks using the IEEE 802.1ad protocol. 48.Pp 49.Nm svlan 50interfaces allow construction of IEEE 802.1ad-compliant provider bridges. 51.Nm vlan 52and 53.Nm svlan 54interfaces can be configured to provide QinQ or stacked VLANs. 55.Pp 56The interfaces can be created at runtime using the 57.Ic ifconfig vlan Ns Ar N Ic create 58command or by setting up a 59.Xr hostname.if 5 60configuration file for 61.Xr netstart 8 . 62The interface itself can be configured with 63.Xr ifconfig 8 ; 64see its manual page for more information. 65.Pp 66.Nm vlan 67and 68.Nm svlan 69interfaces must be configured with a parent Ethernet interface to 70operate, and a virtual network identifier. 71Packets transmitted through a 72.Nm vlan 73or 74.Nm svlan 75interface will be encapsulated in their respective protocols and 76transmitted on the specified physical interface. 77802.1Q and 802.1ad packets received on the parent interface will be 78matched to the 79.Nm vlan 80and 81.Nm svlan 82interfaces by their respective protocol and virtual network 83identifiers, and decapsulated for reception on the associated virtual 84interfaces. 85.Pp 86The 802.1Q and 802.1ad protocols include a priority field. 87By default, the 802.1p priority in a transmitted packet is based on the 88priority of packets sent over the interface, which may 89be altered via 90.Xr pf.conf 5 ; 91see the 92.Cm prio 93option for more information. 94Alternatively, 95.Cm txprio 96can set a specific priority for transmitted packets. 97.Pp 98.Nm vlan 99and 100.Nm svlan 101interfaces support the following 102.Xr ioctl 2 Ns s : 103.Bl -tag -width indent -offset 3n 104.It Dv SIOCSIFPARENT Fa "struct if_parent *" 105Set the parent interface. 106The parent may only be configured while the virtual interface is 107administratively down. 108.It Dv SIOCGIFPARENT Fa "struct if_parent *" 109Get the currently configured parent interface. 110.It Dv SIOCDIFPARENT Fa "struct ifreq *" 111Delete the parent interface configuration. 112The parent may only be removed while the virtual interface is 113administratively down. 114.It Dv SIOCSVNETID Fa "struct ifreq *" 115Set the virtual network identifier. 116Valid identifiers are in the range 1 to 4094. 117.It Dv SIOCGVNETID Fa "struct if_parent *" 118Get the currently configured virtual network identifier. 119.It Dv SIOCDVNETID Fa "struct ifreq *" 120Clear the current virtual network identifier. 121Virtual interfaces without a configured virtual network identifier 122will use 0 in their protocols tag field. 123.It Dv SIOCSIFLLADDR Fa "struct ifreq *" 124Configure a custom MAC address on the virtual interface. 125When the virtual interface is using a custom MAC address the parent 126interface will be configured to promiscuously receive packets. 127When operating without a custom MAC address the virtual interface 128will inherit the parent interfaces MAC address. 129Configuring 00:00:00:00:00:00 as the MAC address will clear the 130custom MAC address configuration and resume operation with the 131parents MAC address. 132.El 133.Pp 134.Nm vlan 135and 136.Nm svlan 137interfaces use the following capability on parent interfaces: 138.Bl -tag -width "IFCAP_VLAN_HWTAGGING" -offset 3n 139.It IFCAP_VLAN_MTU 140The parent interface can handle full sized frames, plus the size 141of the vlan tag. 142.El 143.Pp 144.Nm vlan 145interfaces use the following capability on parent interfaces: 146.Bl -tag -width "IFCAP_VLAN_HWTAGGING" -offset 3n 147.It IFCAP_VLAN_HWTAGGING 148The parent interface will offload the encapsulation and decapsulation 149of 802.1Q frames. 150.El 151.Sh EXAMPLES 152Create an 802.1Q virtual interface on top of the physical interface 153em0, with virtual network identifier 5: 154.Bd -literal -offset indent 155# ifconfig vlan0 create 156# ifconfig vlan0 parent em0 vnetid 5 157# ifconfig vlan0 10.1.1.100/24 158.Ed 159.Pp 160Create an 802.1Q VLAN interface on network 10, on top of an 802.1ad 161provider bridge on network 8, on top of the physical interface bge0: 162.Bd -literal -offset indent 163# ifconfig svlan0 create 164# ifconfig svlan0 parent bge0 vnetid 8 165# ifconfig svlan0 up 166# ifconfig vlan0 create 167# ifconfig vlan0 parent svlan0 vnetid 10 168# ifconfig vlan0 10.1.1.101/24 169.Ed 170.Pp 171Configure an 802.1Q VLAN interface with a custom MAC address: 172.Bd -literal -offset indent 173# ifconfig vlan0 lladdr fe:e1:ba:d0:84:0e 174.Ed 175.Pp 176Remove a custom MAC address from an 802.1Q VLAN interface: 177.Bd -literal -offset indent 178# ifconfig vlan0 lladdr 00:00:00:00:00:00 179.Ed 180.Pp 181Force the use of priority 1 for transmitted packets, regardless of 182the packet priority: 183.Bd -literal -offset indent 184# ifconfig vlan0 txprio 1 185.Ed 186.Sh SEE ALSO 187.Xr inet 4 , 188.Xr ip 4 , 189.Xr netintro 4 , 190.Xr hostname.if 5 , 191.Xr pf.conf 5 , 192.Xr ifconfig 8 , 193.Xr netstart 8 194.Rs 195.%T IEEE 802.1Q standard 196.%U http://standards.ieee.org/getieee802/802.1.html 197.Re 198.Rs 199.%Q Provider Bridges, QinQ 200.%T IEEE 802.1ad standard 201.Re 202.Sh AUTHORS 203Originally 204.An Garrett Wollman Aq Mt wollman@freebsd.org . 205.Sh CAVEATS 206Some Ethernet chips will either discard or truncate 207Ethernet frames that are larger than 1514 bytes. 208This causes a problem as 802.1Q and 802.1ad tagged frames can be 209up to 1518 bytes. 210Most controller chips can be told not to discard large frames 211and/or to increase the allowed frame size. 212