Hi fulvio, thanks for the reply.
I put the VLANs in place to seperate the two parts of the network which the bridge then connects, providing the QoS. I will attempt to explain in more detail below.
Basically the servers, and the Zeroshell are all running on virtual machines in the same VMware ESX server. The servers and workstations are all on the Inside VLAN, the Zeroshell VM has two interfaces, one of which is on the Inside VLAN, the other on the same VLAN as the firewall.
All machines have addresses on the 192.168.11.0/24 network. The firewall is also on this range. My understanding was that the Zeroshell should act as a L2 bridge between the two segments, therefore forwarding all packets it receives on either interface and doing QoS according to the rules I have created. This doesn’t seem to be happening at the moment, although broadcasts must be getting through, because a test laptop I used managed to get an DHCP IP across the Zeroshell. If I didn’t use VLANs, then when the machines try to get to the default gateway (i.e. the firewall) then they will access it directly, therefore no QoS. Or is this incorrect?
To give an example, my test machine is 192.168.11.10, so the network map is like this:
192.168.11.10 192.168.11.252 192.168.11.254