[CentOS] VLAN tagging problems

[Leonard Isham]

On 10/28/05, Robin Mordasiewicz <robin at bullseye.tv> wrote:
> We are using Centos behind an F5 Bigip load balancer.
> The linux box is using bonding and tagged VLAN's
>
> Everything works fine except that when traffic is forwarded from the BigIP
> to the linux box on the VLAN where the web server is running the linux box
> returns the traffic on the wrong VLAN, It returns traffic on the lowest
> ordered VLAN.
>
> ie. here is a tcpdump on my load balancer showing traffic being sent on
> VLAN 911 to the linux box, but the linux box returns traffic on VLAN 902.
> The linux box is returning traffic on the same VLAN as its configured
> default gateway. If I change the default gateway to be on the VLAN 911
> then everytyhing works.
>
> Any ideas ?
>
> 07:38:15.480141 802.1Q vlan#911 P0 10.90.11.244.http > 10.90.11.1.47970: . ack 9 win 1098 (DF)
> 07:38:15.691074 802.1Q vlan#911 P0 10.10.0.27.34023 > 10.90.11.244.http: S 2715145345:2715145345(0) win 4380 <mss 1460,nop,wscale 0,nop,nop,timestamp 72820060 0,sackOK,eol> (DF)
> 07:38:15.691074 802.1Q vlan#902 P0 10.90.11.244.http > 10.10.0.27.34023: S 514059651:514059651(0) ack 2715145346 win 5808 <mss 1464,sackOK,timestamp 51754641 72820060,nop,wscale 2> (DF)
[snip]

If you are talking about the traffic with 10.10.0.27.34023 then it
appears to me that you are dealing with a standard routing issue.

I have not done this on Linux, but on other systems, including routers.

Each VLAN is treated as a separate interface and packets are returned
based on routing tables not the interface they where received on. 
That is unless you are using policy based routing.

--
Leonard Isham, CISSP
Ostendo non ostento.