From: "Kevin P. Fleming" <kpfleming@starnetworks.us>
To: "Linux 802.1Q VLAN" <vlan@candelatech.com>
Cc: netfilter@lists.netfilter.org, vlan@lanforge.com
Subject: Re: [VLAN] Multiple subnets of the same IP space, different VLANs, same box...
Date: Tue, 15 Feb 2005 11:13:30 -0700
Message-ID: <42123BCA.1080306@starnetworks.us>
In-Reply-To: <42122E91.2000707@joyner.ws>

Aaron S. Joyner wrote:

> Any input anyone can offer about possible solutions, or even providing
> further insight into the problem, would be most appreciated. :)

I don't see how you can make this work without SNAT'ing all the incoming
traffic on each VLAN interface into a unique IP address range. In
addition, as you already mentioned, you'll have to mess with the routing
tables as well; you can apply a "mark" to the connections in the
connection table for each VLAN interface, then use that to select an
outbound routing table.

It's pretty complex; realistically, you might actually be better off
creating virtual machines to NAT the traffic onto the "internal" network
in the box, then hide it all from the services on that box.

Alternatively, you could buy a whole boatload of cheap NAT routers, and
attach each one of them to a non-tagged VLAN port on your switch (one
for each VLAN), then connect the "upstream" side of them to a
non-VLAN-enabled switch with your Linux box on it.

Third alternative would be to do the VLAN switching with a device that
is actually a Layer 3 router as well, that can do the NAT for you.

All of these solutions, though, involve NAT, which will bring along
other problems if you are running applications/protocols that are not
NAT friendly.