[VLAN] dropping of un-matched tagged packets?

[Fermín Galán Márquez]

Hello,

I've observed a behaviour of Linux VLAN support that surprises me, but,
given that I'm not an expert :) I would like to describe it in this list,
just to know if it is the expected behaviour.

It seems that when a 802.1q tagged packet is received in a physical Linux
interface (for example 'eth2') the behaviour is:

1. If there is some subinterface maching the tag, the packet is deliver to
that interface. For example, if the packet is tagged with VLANID=200 and
there is an eth2.200 interface, the packet is delivered to eth2.200 (and a
'tcpdump -i eth2.200', for example, would show it).

2. If there is no subinterface maching the tag, the packet is drop. For
example, if the packet is tagged with VLANID=300 and there is no eth2.300,
the packet is drop (and a 'tcpdump -i eth2' would never show it).

Is that right?

In that case, I would like to know if is possible to change the behaviour of
item 2 (maybe with some configuration in the /proc/sys hierarchy), so a
'tcpdump -i eth2' shows the tagged packet.

I'm asking this beacuse I would like to bridge a trunk of tagged traffic
(that comes at eth2 from/to a Cisco router) with a software bridge in the
Linux box implemeted with brctl ('brctl addif somebridge eth2') , but if the
default behaviour is to drop tagged un-matched packets, this seems
imposible...

Any help and related information it's very welcome. Thanks in advance!

Best regards,

--------------------
Fermín Galán Márquez
CTTC - Centre Tecnològic de Telecomunicacions de Catalunya
Parc Mediterrani de la Tecnologia, Av. del Canal Olímpic s/n, 08860
Castelldefels, Spain
Room 1.02
Tel : +34 93 645 29 12
Fax : +34 93 645 29 01
Email address: fermin.galan at cttc.es