Suppose you have a layer 2 switch with support for 802.1q.
Suppose you want to route traffic from one VLAN to another VLAN.
Suppose you have two vlan with vlan_id 2 and 3.

You can use a linux box for that.

VLAN is Virtual Lan and it is created with equipments such as switches that support the 802.1q protocol
which manage to insert a ‘tag’ in the ethernet frame, this tag identifies the VLAN to which a packet belongs.

If you have two VLANs in a switch is like having physically two switches, as the packets from one does not pass
to the other, if you need to pass traffic from one to another VLAN you will have a layer 3 switch,
and enable the internal virtual router, but you can do that with a Linux Box, this way.

Configure a switch port to be member of both vlan (2 and 3).

#apt-get install vlan

— this is to install the vlan software —

#modprobe 8021q

— This is to load the 802.1q module —

#vconfig add eth0 2
#vconfig add eth0 3

— Creating two vlans over the eth0 interface —

#ifconfig eth0 up

— To make only the VLAN interfaces to have traffic, be sure you have the eth0 up or you will see no traffic at all —

#ifconfig eth0.2 broadcast netmask up
#ifconfig eth0.3 broadcast netmask up

— Asume you have this two VLANs 1 is and the second is and you want traffic between them —

Now you have this done, configure your one of your switch ports to belong to VLAN 2 and 3 at the same time, and connect your linux box to that port.

#echo 1 > /proc/sys/net/ipv4/ip_forward

— To enable packet forwarding on the linux router —

#route add -net netmask gw eth0.2
#route add -net netmask gw eth0.3

Connect your newly created linux box to the switch port configures to be member of both vlan.
That’s all.


Lascia un Commento

CAPTCHA * Time limit is exhausted. Please reload CAPTCHA.

3D Tags