From: Aseem Rastogi <aseem@india.tejasnetworks.com>
To: Henrik Nordstrom <hno@marasystems.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: Iptables and vlan interfaces
Date: Mon, 03 Oct 2005 14:57:12 +0530 [thread overview]
Message-ID: <4340F970.7060900@india.tejasnetworks.com> (raw)
In-Reply-To: Pine.LNX.4.61.0510031035150.22605@filer.marasystems.com
thanks all for the info.
regards,
aseem.
Henrik Nordstrom wrote:
> On Mon, 3 Oct 2005, Aseem Rastogi wrote:
>
>> i have been following this post rather keenly. it now seems to have
>> died down. but still i am not able to understand what is a vlan
>> interface.
>
>
> VLANs is IEEE 802.1Q, dividing Ethernet into 4097 virtual Ethernet
> networks. (the normal untagged network + 4096 .1q tagged networks = 4097)
>
> VLAN is normally only used within and between switches, but it is also
> possible to use between the switch and a server/host allowing the
> server to participate in multiple VLANs on the switch.
>
> This is configured on the Linux side using vconfig, creating one
> vritual network interface per such virtual Ethernet being used between
> the server and the switch. The virtual interfaces created by vconfig
> is true virtual interfaces and can even have a different MAC address
> than the physical interface if you like (defaults to use the same MAC
> however). These virtual interfaces is named like
> physicalinterface.vlannumber (i.e. eth0.45 for the VLAN with the .1q
> tag 45 on the eth0 physical connection).
>
> More information on the VLAN support in Linux can be found from
> http://www.candelatech.com/~greear/vlan.html. The needed software is
> also available in most distributions (the kernel driver is available
> in the kernel since many years back).
>
>> can somebody please give me some pointer where i can read about this.
>> vlan i thought is a l2 concept and should have nothing to do with l3.
>
>
> vlan is indeed purely a l2 concept, using a slightly different
> Ethernet frame format than normal Ethernet allowing for multiple
> virtual Ethernet networks to be transported over the same cable.
>
> IP-aliases on the other hand is purely a l3 concept, allowing you to
> have more than one IP address on the same interface, optionally
> labelled with a name (interface:name) for administrative purposes. The
> (optional) label on an IP-alias has no significant meaning other than
> as a reminder to the administrator, and to produce confusing results
> when using ifconfig (ifconfig has the odd habit of displaying the
> named ip-aliases as if they were separate interfaces).
>
> Regards
> Henrik
>
--
The end is always good. If it's not good, it's not the end.
next prev parent reply other threads:[~2005-10-03 9:14 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-30 11:21 Iptables and vlan interfaces sebastian.ionita
2005-09-30 11:34 ` Sascha Reissner
2005-09-30 11:37 ` Marc Haber
2005-09-30 11:56 ` Marcin Giedz
2005-09-30 12:44 ` Henrik Nordstrom
2005-09-30 12:54 ` sebastian.ionita
2005-09-30 13:39 ` /dev/rob0
2005-09-30 13:41 ` Marc Haber
2005-09-30 13:55 ` /dev/rob0
2005-09-30 14:14 ` Marc Haber
2005-09-30 15:21 ` Henrik Nordstrom
2005-10-03 6:48 ` Aseem Rastogi
2005-10-03 7:44 ` Marc Haber
2005-10-03 8:55 ` Aseem Rastogi
2005-10-03 8:59 ` Marc Haber
2005-10-03 9:16 ` Henrik Nordstrom
2005-10-03 9:24 ` Marc Haber
2005-10-03 12:46 ` Henrik Nordstrom
2005-10-03 9:27 ` Aseem Rastogi [this message]
2005-10-03 10:05 ` Aseem Rastogi
2005-10-03 10:02 ` Marc Haber
2005-10-03 12:18 ` Henrik Nordstrom
-- strict thread matches above, loose matches on Subject: below --
2005-09-30 12:04 Baake, Matthias
2005-09-30 12:53 Baake, Matthias
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4340F970.7060900@india.tejasnetworks.com \
--to=aseem@india.tejasnetworks.com \
--cc=hno@marasystems.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox