Return-Path: Received: from server0.telegraafnet.nl (server0.telegraafnet.nl [192.168.1.1]) by server9.telegraafnet.nl (8.11.1/8.11.1/Debian 8.11.0-6) with ESMTP id g0B1Fmh05964 for ; Fri, 11 Jan 2002 02:15:48 +0100 Received: from vortex.telegraafnet.nl (vortex.telegraafnet.nl [195.64.78.43]) by server0.telegraafnet.nl (8.9.3/8.9.3) with ESMTP id CAA03989 for ; Fri, 11 Jan 2002 02:15:47 +0100 Received: from ns1.wanfear.com (IDENT:root@ns1.wanfear.com [207.212.57.1]) by mail.telegraafnet.nl (8.11.3/8.11.3/Debian 8.11.2-1) with ESMTP id g0B1Fki13010 for ; Fri, 11 Jan 2002 02:15:46 +0100 Received: from ns1.wanfear.com (IDENT:mailman@localhost [127.0.0.1]) by ns1.wanfear.com (8.9.1/8.9.1) with ESMTP id MAA12754; Thu, 10 Jan 2002 12:45:31 -0800 Received: from server0.telegraafnet.nl (firewall.telegraafnet.nl [195.64.78.58]) by ns1.wanfear.com (8.9.1/8.9.1) with ESMTP id MAA11882 for ; Thu, 10 Jan 2002 12:35:00 -0800 Received: from server9.telegraafnet.nl (server9.telegraafnet.nl [192.168.1.9]) by server0.telegraafnet.nl (8.9.3/8.9.3) with ESMTP id UAA32357 for ; Thu, 10 Jan 2002 20:29:04 +0100 Received: (from ard@localhost) by server9.telegraafnet.nl (8.11.1/8.11.1/Debian 8.11.0-6) id g0AJSWg26454 for vlan@Scry.WANfear.com; Thu, 10 Jan 2002 20:28:32 +0100 From: Ard van Breemen To: vlan@Scry.WANfear.com Subject: Re: [VLAN] same ip in all vlan interfaces possible? Message-ID: <20020110192832.GI25507@telegraafnet.nl> References: <15421.44456.756906.695146@hoggar.fisica.ufpr.br> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <15421.44456.756906.695146@hoggar.fisica.ufpr.br> User-Agent: Mutt/1.3.24i Sender: vlan-admin@Scry.WANfear.com Errors-To: vlan-admin@Scry.WANfear.com X-BeenThere: vlan@Scry.WANfear.com X-Mailman-Version: 2.0.6 Precedence: bulk Reply-To: vlan@Scry.WANfear.com List-Help: List-Post: List-Subscribe: , List-Id: Discussion group for 802.1Q VLAN project for Linux. List-Unsubscribe: , List-Archive: Date: Thu, 10 Jan 2002 20:28:32 +0100 On Thu, Jan 10, 2002 at 01:05:12PM -0200, Carlos Carvalho wrote: > I'm about to try ethernet tags for the first time. I need to use the > same ip in all vlan interfaces. Is this possible? > > I can't put each vlan in a different IP subnet because there will be > tens of them. I am not sure of what you are trying to do, but this is possible: Give all the networks the idea of a virtual 192.168.0.0/16 f.i. . You can divide your network in c classes by f.i.: vconfig add eth0 2 ip addr add 127.0.0.1/8 dev vlan2 ip route add 192.168.2.0/24 dev vlan2 echo 1 > /proc/sys/net/ipv4/conf/vlan2/proxy_arp vconfig add eth0 3 ip addr add 127.0.0.1/8 dev vlan3 ip route add 192.168.3.0/24 dev vlan3 echo 1 > /proc/sys/net/ipv4/conf/vlan2/proxy_arp vconfig add eth0 4 ip addr add 127.0.0.1/8 dev vlan4 ip route add 192.168.4.0/24 dev vlan4 echo 1 > /proc/sys/net/ipv4/conf/vlan2/proxy_arp vconfig add eth0 5 ip addr add 127.0.0.1/8 dev vlan5 ip route add 192.168.5.0/24 dev vlan5 echo 1 > /proc/sys/net/ipv4/conf/vlan2/proxy_arp ip addr add 192.168.0.1/32 dev lo echo 1 > /proc/sys/net/ipv4/ip_forward If 192.168.5.2 tries to ping 192.168.3.9, it will arp for it, since it thinks it is in the same subnet (/16). Your box knows how to route it, and therefore will reply to the arp. 192.168.5.2 will then send the packet to your box, which will happily forward it. The default gw in this example is 192.168.0.1, put on lo. You need to have at least 1 ip address on a device to get the ip stack bound to that device. If you don't have an ip address on a device (no matter what ip address), you will not be able to use the kernel-ip stack on that device. Not binding the kernel ip-stack to the device is a good idea if you want to do some network sniffing for intrusion detection etc... (Thanks to Pauline Middelink for pointing me at the proxy_arp idea) DISCLAIMER: I already tested the concept using 127.0.0.1 addresses and proxy-arp in a sort of production environment. I did not test the example above :) -- Telegraaf Elektronische Media http://wwwijzer.nl http://leerquoten.monster.org/ http://www.faqs.org/rfcs/rfc1855.html Let your government know you value your freedom. Sign the petition: http://petition.eurolinux.org/ _______________________________________________ VLAN mailing list - VLAN@Scry.WANfear.com http://www.WANfear.com/mailman/listinfo/vlan VLAN Page: http://scry.wanfear.com/~greear/vlan.html