1. This forum section is a read-only archive which contains old newsgroup posts. If you wish to post a query, please do so in one of our main forum sections (here). This way you will get a faster, better response from the members on Motherboard Point.

Promiscuous Mode on Sun BGE Network Driver Drops VLAN-tagged Packets

Discussion in 'Sun Hardware' started by Packet411, Apr 20, 2005.

  1. Packet411

    Packet411 Guest


    I've got a switch mirroring packets into a Sun V20Z with a BGE
    interface running in promiscuous mode (using snoop to test this right
    now). Some of the packets coming in have VLAN tags, and some do not. I
    am only seeing packets without VLAN tags. I know the problem is not the
    switch because I see all packets when I perform this test using BSD or

    I've done some reading on the subject and it appears that one way
    around this is to create logical network interfaces, one for each VLAN
    tag. The problem is, I don't know what VLAN tags I'm going to be
    receiving ahead of time and I don't want to have to listen to 4094
    logical interfaces just to be able to see all ethernet traffic!

    Under Linux/BSD, setting the interface to promiscuous mode is
    sufficient to get the kernel driver to forward all packets to the
    listener. I'd like to know how I can do this with Solaris (I'm using
    Solaris 9 presently). I've looked at the man pages for ifconfig, bge,
    and ndd, and I have been unable to find any option that will set the
    desired behaviour.

    Did I miss something, or do I need to write my own device driver to get
    this capability?
    Packet411, Apr 20, 2005
    1. Advertisements

  2. Perhaps using tcpdump (presumably what you are using on linux) rather
    than snoop would help confirm your observation and eliminate questions
    about whether the traffic is present but unreported by snoop. tcpdump
    can make use of a vlan filter...

    vlan [vlan_id]
    True if the packet is an IEEE 802.1Q VLAN packet. If
    [vlan_id] is specified, only true is the packet has the
    specified vlan_id. Note that the first vlan keyword
    encountered in expression changes the decoding offsets
    for the remainder of expression on the assumption that
    the packet is a VLAN packet.

    - Bob
    Robert Lawhead, Apr 20, 2005
    1. Advertisements

  3. Packet411

    Packet411 Guest

    Hi Bob,

    Thanks for your reply.

    Actually, I already tried both snoop and tcpdump under Solaris. Their
    behavior is identical leading me to believe that the default packet
    driver behavior is to not forward VLAN-tagged packets. :(

    I'm watching switch stats, and I see packets flowing to the bge device
    while tcpdump is running. I then kill tcpdump after a few hundred or
    more packets have been delivered, and this is all I see:

    0 packets captured
    0 packets received by filter
    0 packets dropped by kernel

    This is with tcpdump version 3.8.3. It does not have the vlan tagging
    option you mention in your email. Unfortunately, according to the
    output from tcpdump above, this is not a factor anyway as the device
    driver itself has not captured any devices.

    As soon as I switch to non-VLAN-tagged packets, everything works

    I'd like to get hold of the bge driver source code to get to the bottom
    of this.


    Packet411, Apr 20, 2005
  4. I don't have a bge interface to verify this with, but I think the
    issue is that each VLAN is presented as a separate pseudo interface,
    so you would have to snoop the VLAN you are interested in.
    For VLAN id 1 on bge0, this would be snoop -d bge1000,
    for VLAN id 2 on bge0, this would be snoop -d bge2000,
    for VLAN id 6 on bge3, this would be snoop -d bge6003,

    As I said, I can't actually check this out though -- just guessing.
    Andrew Gabriel, Apr 20, 2005
  5. Robert Lawhead, Apr 21, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.