* [Bridge] VLAN translation + PVST+
@ 2006-05-18 1:09 Ian Schwimmer
2006-05-18 6:40 ` Gergely Madarasz
2006-05-18 14:40 ` John W. Linville
0 siblings, 2 replies; 7+ messages in thread
From: Ian Schwimmer @ 2006-05-18 1:09 UTC (permalink / raw)
To: bridge
Hello, I am creating a configuration where a Redhat server running
bridge-tools 0.9.5 will be bridging between different VLANs on the same
physical interface (for example: a bridge consisting of eth1.100 and
eth1.110). This physical interface is being connected to modern Cisco
switches running PVST+.
The Cisco switch does not like this configuration as the tags on its
BPDUs are being changed but the contents of the BPDUs are left unchanged.
I need to be running PVST+ because there will be multiple Linux servers
performing this VLAN translation/remapping (so there are going to be
some loops that I will need blocked).
Has anyone succeeded in getting VLAN translation/remapping (bridging
between two different VLAN tags) working with Cisco PVST+? (not simply
disabling spanning tree). Thank you!
Ian Schwimmer
310-897-9001
ian@us.checkpoint.com
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bridge] VLAN translation + PVST+
2006-05-18 1:09 [Bridge] VLAN translation + PVST+ Ian Schwimmer
@ 2006-05-18 6:40 ` Gergely Madarasz
2006-05-18 14:40 ` John W. Linville
1 sibling, 0 replies; 7+ messages in thread
From: Gergely Madarasz @ 2006-05-18 6:40 UTC (permalink / raw)
To: Ian Schwimmer; +Cc: bridge
On Wed, May 17, 2006 at 06:09:37PM -0700, Ian Schwimmer wrote:
> Hello, I am creating a configuration where a Redhat server running
> bridge-tools 0.9.5 will be bridging between different VLANs on the same
> physical interface (for example: a bridge consisting of eth1.100 and
> eth1.110). This physical interface is being connected to modern Cisco
> switches running PVST+.
>
> The Cisco switch does not like this configuration as the tags on its
> BPDUs are being changed but the contents of the BPDUs are left unchanged.
>
> I need to be running PVST+ because there will be multiple Linux servers
> performing this VLAN translation/remapping (so there are going to be
> some loops that I will need blocked).
>
> Has anyone succeeded in getting VLAN translation/remapping (bridging
> between two different VLAN tags) working with Cisco PVST+? (not simply
> disabling spanning tree). Thank you!
Actually I have just written a patch for 2.6.16 the other day which
supports PVST+ packet format. It adds a pvst_vlan attribute to each port
in a bridge, which, if not 0, causes the bpdu's sent on that port to use
the pvst+ llc header and add the vlan tlv at the end of the packet.
For example you can bridge two vlan interfaces like eth0.4 and eth1.7,
with setting pvst_vlan to 4 on eth0.4 and to 7 on eth1.7 (no automatic
voodoo). Your example can be done too, briding two vlans on the same
trunk.
Should I send the patch to the list or just in private?
--
Madarasz Gergely gorgo@broadband.hu gorgo@linux.rulez.org
It's practically impossible to look at a penguin and feel angry.
Egy pingvinre gyakorlatilag lehetetlen haragosan nezni.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bridge] VLAN translation + PVST+
2006-05-18 1:09 [Bridge] VLAN translation + PVST+ Ian Schwimmer
2006-05-18 6:40 ` Gergely Madarasz
@ 2006-05-18 14:40 ` John W. Linville
2006-05-18 15:02 ` Ian Schwimmer
2006-05-18 15:30 ` [Bridge] VLAN translation + PVST+ Ben Greear
1 sibling, 2 replies; 7+ messages in thread
From: John W. Linville @ 2006-05-18 14:40 UTC (permalink / raw)
To: Ian Schwimmer; +Cc: bridge
On Wed, May 17, 2006 at 06:09:37PM -0700, Ian Schwimmer wrote:
> Hello, I am creating a configuration where a Redhat server running
> bridge-tools 0.9.5 will be bridging between different VLANs on the same
> physical interface (for example: a bridge consisting of eth1.100 and
> eth1.110). This physical interface is being connected to modern Cisco
> switches running PVST+.
I'm curious as to how this is useful? What is the point of having
two VLANs on the same segment if you are just going to bridge them
together? Is this useful for something beyond some sort of migration?
Curious,
John
--
John W. Linville
linville@tuxdriver.com
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bridge] VLAN translation + PVST+
2006-05-18 14:40 ` John W. Linville
@ 2006-05-18 15:02 ` Ian Schwimmer
2006-05-18 15:35 ` Vivek Kuncham
2006-05-18 15:30 ` [Bridge] VLAN translation + PVST+ Ben Greear
1 sibling, 1 reply; 7+ messages in thread
From: Ian Schwimmer @ 2006-05-18 15:02 UTC (permalink / raw)
To: John W. Linville; +Cc: bridge
It is useful if the server doing the bridging is also doing something
else, such as firewall policy enforcement.
Then, you may move hosts in and out of the "protected" VLAN simply by
changing their port VLAN assignment. No messing with cabling, no IP
address changes.
-Ian
John W. Linville wrote:
> On Wed, May 17, 2006 at 06:09:37PM -0700, Ian Schwimmer wrote:
>
>> Hello, I am creating a configuration where a Redhat server running
>> bridge-tools 0.9.5 will be bridging between different VLANs on the same
>> physical interface (for example: a bridge consisting of eth1.100 and
>> eth1.110). This physical interface is being connected to modern Cisco
>> switches running PVST+.
>>
>
> I'm curious as to how this is useful? What is the point of having
> two VLANs on the same segment if you are just going to bridge them
> together? Is this useful for something beyond some sort of migration?
>
> Curious,
>
> John
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bridge] VLAN translation + PVST+
2006-05-18 14:40 ` John W. Linville
2006-05-18 15:02 ` Ian Schwimmer
@ 2006-05-18 15:30 ` Ben Greear
1 sibling, 0 replies; 7+ messages in thread
From: Ben Greear @ 2006-05-18 15:30 UTC (permalink / raw)
To: John W. Linville; +Cc: bridge
John W. Linville wrote:
> On Wed, May 17, 2006 at 06:09:37PM -0700, Ian Schwimmer wrote:
>
>>Hello, I am creating a configuration where a Redhat server running
>>bridge-tools 0.9.5 will be bridging between different VLANs on the same
>>physical interface (for example: a bridge consisting of eth1.100 and
>>eth1.110). This physical interface is being connected to modern Cisco
>>switches running PVST+.
>
>
> I'm curious as to how this is useful? What is the point of having
> two VLANs on the same segment if you are just going to bridge them
> together? Is this useful for something beyond some sort of migration?
You can add a bridge group for 10 vlans, and route them to another bridge
group of 10 VLANs. You can also enforce firewall rules on particular
VLANs (ie, could put each customer on individual VLAN, and backhaul them
all to one linux box to bridge/firewall/bill/etc them...)
Ben
>
> Curious,
>
> John
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Bridge mailing list
> Bridge@lists.osdl.org
> https://lists.osdl.org/mailman/listinfo/bridge
--
Ben Greear <greearb@candelatech.com>
Candela Technologies Inc http://www.candelatech.com
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bridge] VLAN translation + PVST+
2006-05-18 15:02 ` Ian Schwimmer
@ 2006-05-18 15:35 ` Vivek Kuncham
2006-05-18 17:45 ` [Bridge] getting off list Stephen Hemminger
0 siblings, 1 reply; 7+ messages in thread
From: Vivek Kuncham @ 2006-05-18 15:35 UTC (permalink / raw)
To: Ian Schwimmer; +Cc: bridge
I have no idea how I got on this list. Would someone mind taking me
off? I'm not sure how to do it.
Thanks,
Vivek
On 5/18/2006 11:02 AM, Ian Schwimmer wrote:
> It is useful if the server doing the bridging is also doing something
> else, such as firewall policy enforcement.
>
> Then, you may move hosts in and out of the "protected" VLAN simply by
> changing their port VLAN assignment. No messing with cabling, no IP
> address changes.
>
> -Ian
>
> John W. Linville wrote:
>
>> On Wed, May 17, 2006 at 06:09:37PM -0700, Ian Schwimmer wrote:
>>
>>
>>> Hello, I am creating a configuration where a Redhat server running
>>> bridge-tools 0.9.5 will be bridging between different VLANs on the
>>> same physical interface (for example: a bridge consisting of
>>> eth1.100 and eth1.110). This physical interface is being connected
>>> to modern Cisco switches running PVST+.
>>>
>>
>>
>> I'm curious as to how this is useful? What is the point of having
>> two VLANs on the same segment if you are just going to bridge them
>> together? Is this useful for something beyond some sort of migration?
>>
>> Curious,
>>
>> John
>>
>
>
> _______________________________________________
> Bridge mailing list
> Bridge@lists.osdl.org
> https://lists.osdl.org/mailman/listinfo/bridge
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bridge] getting off list
2006-05-18 15:35 ` Vivek Kuncham
@ 2006-05-18 17:45 ` Stephen Hemminger
0 siblings, 0 replies; 7+ messages in thread
From: Stephen Hemminger @ 2006-05-18 17:45 UTC (permalink / raw)
To: bridge
On Thu, 18 May 2006 11:35:56 -0400
Vivek Kuncham <vkuncham@fas.harvard.edu> wrote:
> I have no idea how I got on this list. Would someone mind taking me
> off? I'm not sure how to do it.
>
> Thanks,
> Vivek
Every posting on this list has a footer with the web site of the mailing list.
Go there, enter your email address, hit unsubsribe
Then respond to the confirmation email.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2006-05-18 17:45 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-05-18 1:09 [Bridge] VLAN translation + PVST+ Ian Schwimmer
2006-05-18 6:40 ` Gergely Madarasz
2006-05-18 14:40 ` John W. Linville
2006-05-18 15:02 ` Ian Schwimmer
2006-05-18 15:35 ` Vivek Kuncham
2006-05-18 17:45 ` [Bridge] getting off list Stephen Hemminger
2006-05-18 15:30 ` [Bridge] VLAN translation + PVST+ Ben Greear
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox