remember the use of the vconfig command. it helps you to define "access ports" that means that you can tell the system what default vlan (or vlans) to use for a certain interface (so that it can remove the vlan tag from the trunked packet)... if you want to bridge all your traffic - including vlan traffic - just confige the bridge in a "normal behaviour". just one question: by saying vlan traffic you mean trunk or trunked or tagged traffic, right ? josef -----Original Message----- From: R Harper To: bridge@lists.osdl.org Sent: 22.09.2005 14:34 Subject: [Bridge] Bridging VLANs Hi I have a simple question I want to bridge both normal ethernet frames and VLAN packets do I have to explicitly bridge the VLAN packets (e.g. vconfig br0 30) or are they bridge by default Is it sufficient to configure a VLAN bridge like this or am I forgetting something? regards R.Harper _________________________________________________________________ F? alle de nye og sjove ikoner med MSN Messenger http://messenger.msn.dk/ <<ATT38976.txt>> _______________________________________________________________________________ Disclaimer This message may contain confidential information solely for its intended recipients and others may not distribute, copy or use it. If you have received this communication in error please tell us either by return e-mail or at the numbers above and delete it, and any copies of it.
Hi I have a simple question I want to bridge both normal ethernet frames and VLAN packets do I have to explicitly bridge the VLAN packets (e.g. vconfig br0 30) or are they bridge by default Is it sufficient to configure a VLAN bridge like this or am I forgetting something? regards R.Harper _________________________________________________________________ Få alle de nye og sjove ikoner med MSN Messenger http://messenger.msn.dk/
Hi folks, I have an implementation question regarding bridging on a linux box between a catalyst trunk port and a cisco 26something w/802.1q subinterfaces. So right now, there's no vlan trunking going on on the link my bridging firewall sits on, but I'm going to need to bridge two vlans, 4 and 51. My question is this: should the vlan interfaces on the linux firewall be created first, then bridged; or should the bridge interface be created, then vlans bound to that? Here's the first: ip link set eth0 up ip link set eth1 up vconfig set_bind_mode PER_DEVICE vconfig set_name_type DEV_PLUS_VID_NO_PAD vconfig add eth0 4 vconfig add eth1 4 vconfig add eth0 51 vconfig add eth1 51 ip link set eth0.4 up ip link set eth1.4 up ip link set eth0.51 up ip link set eth1.51 up brctl addbr br0 brctl addif br0 eth0.4 brctl addif br0 eth1.4 brctl stp br0 off ip link set br0 up brctl addbr br1 brctl addif br1 eth0.51 brctl addif br1 eth1.51 brctl stp br1 off ip link set br1 up And the second: ip link set eth0 up ip link set eth1 up brctl addbr br0 brctl addif br0 eth0 brctl addif br0 eth1 brctl stp br0 off ip link set br0 up vconfig set_bind_mode PER_KERNEL vconfig set_name_type DEV_PLUS_VID_NO_PAD vconfig add br0 4 vconfig add br0 51 ip link set br0.4 up ip link set br0.51 up I lean towards the first, as it gives me more interfaces to filter, and thus more flexibility with my iptables rules. Just looking for the wisdom of experience... Thanks, Jeremy Jones
On Thursday 25 March 2004 01:23, Jeremy Jones wrote:> So right now, there's no vlan trunking going on on the link my bridging > firewall sits on, but I'm going to need to bridge two vlans, 4 and 51. My > question is this: should the vlan interfaces on the linux firewall be > created first, then bridged; or should the bridge interface be created, > then vlans bound to that?You'll need the first. The second method will only work if the packets are destined for the bridge itself. cheers, Bart