Re: [VLAN] linux and super vlan

From: Martin Josefsson (gandalf@wlug.westbo.se)
Date: Thu Apr 10 2003 - 08:50:05 EST


On Thu, 2003-04-10 at 15:33, Matti Aarnio wrote:
> On Thu, Apr 10, 2003 at 02:41:02PM +0200, Daniel Larsson wrote:
> > Anyone who has setup a linux box with super-vlan?
>
> Do you mean what is described at:
> http://www.faqs.org/ftp/rfc/rfc3069.txt
>
> I don't think Linux IP routing supports that.
> VLANs are just an external ethernet multiplexor giving the box
> a number of "virtual" ethernet ports for other uses. On top of
> those ports, various applications, like IP routing can be done.
> ... but can RFC 3069 really be done, I don't know.

One could use proxyarp and a lot of entries in the routingtable.
This limits it to IP.

Or it could probably be setup using the ethernet bridge in the kernel to
connect the vlan's to eachother. And then use ebtables to limit which
layer2 traffic can go from one vlan (bridge-port) to another.

And for both cases you can firewall the IP-traffic using iptables.

-- 
/Martin
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



This archive was generated by hypermail 2b29 : Tue Apr 15 2003 - 22:00:01 EST