Does Linux virtual bridge support VLAN's?
Not a problem, it's the way most openWRT systems connect the wlan and switch ports into the same LAN. Here's an example of the config on my openWRT system which has two wifi networks, one for private use and one for guests:
# brctl show
bridge name bridge id STP enabled interfaces
br-vlan2 7fff.a0f3c15eb708 no eth0.2
wlan0
wlan1
br-vlan3 7fff.a0f3c15eb708 no eth0.3
wlan0-1
wlan1-1
Some extra explanation:
The typical openwrt hardware (above is on a TP-Link WDR4300) has a switch that handles all the physical ports; sometimes the physical WAN port is a separate eth
interface on the SoC CPU. The switch is connected to the CPU with a trunk (packets on this connection are tagged with a VLAN tag). So eth0.2 is VLAN2 that is simply connected to 4 of the physical switch ports, stripped of the VLAN tag.
So you should see br-vlan2 simply as the "LAN network", the VLANs are used due to necessity as there is just one connection from CPU to the switch.
An ethernet bridge in Linux can have VLANs and physical interfaces as members. That's according to my expectations as a VLAN interface behaves just like a physical interface in Linux, having its own routing, firewalling etc. just like any physical interface. I expect you could also add different VLANs to the bridge, if you don't mind the insanity that follows :)
I haven't tried bridging a physical interface such as eth0
that is also carrying VLAN-tagged traffic though... I don't know whether those tagged packets will also be bridged.
A trick is to explicitly tell the bridge it's ok to pass vlan traffic with the vconfig command. the below will do it on the command line and will go away with a reboot. To make it happen on reboot see https://serverfault.com/questions/414115/linux-vlans-over-bridge
brctl addbr br0
brctl addif br0 eth0
vconfig add br0 100
ifconfig br0.100 127.16.0.128 netmask 255.255.255.0
the above ifconfig should work on eth0 also since br0 and eth0 are bridged.