PT. Hawk Teknologi Solusi

Silahkan Cari Disini

Jumat, 29 Agustus 2008

VLAN di Fedora

802.1Q VLAN Prerequisites

802.1Q-Tagged VLANs require "smart" or managed Ethernet switches that support the IEEE 802.1Q standard, and the drivers for your Ethernet interfaces must also support it. You should be able to mix-and-match brand names, as long as they support 802.1Q. Beware of proprietary VLAN tagging that only works within a single brand. If it says 802.1Q you should be OK.

802.1Q has been supported by the Linux kernel for a long time, thanks to Ben Greear, maintainer of the 802.1Q VLAN implementation for Linux. You shouldn't have to patch your kernel or jump through any weirdo hoops. It's easy enough to check by searching your relevant kernel config file:

$ grep -i 8021Q /boot/config-2.6.22-14

Haha! See the clever gotcha? The kernel option is 8021Q, not 802.1Q. That one about drove me nuts until I figured it out. Of course you could search on vlan instead, which is probably what the smart kids do.

Creating VLAN Devices

Now we'll test an Ethernet interface to make sure we can create a virtual interface by assigning it a VLAN ID, and then temporarily assign an IP address for testing. You need the vconfig command, which should be available in your Linux distribution as part of the vlan package. You can use any random number for your VLAN ID, from 0-4095, since this is just a test:

# vconfig add eth1 55

That adds VLAN ID 55 to eth1. You might see this message:

WARNING: Could not open /proc/net/vlan/config. Maybe you need to load the 8021q module, or maybe you are not using PROCFS?? Added VLAN with VID == 55 to IF -:eth1:-

Nothing is wrong; it means that vconfig saw that the 8021q module was not loaded, and kindly loaded it for you. Which you can see with lsmod:

$ lsmod | grep 8021q
8021q 21768 0

Check your interface with ifconfig:

$ ifconfig -a
eth1.55 Link encap:Ethernet HWaddr 00:0B:6A:EF:7E:8D
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

The interface is not up, and it has not been assigned an address. Use the ifconfig command for this:

# ifconfig eth1.55 netmask up

Remove a VLAN ID this way:

# ifconfig eth1.55 down
# vconfig rem eth1.55
Removed VLAN -:eth1.55:-

So you can see there is a little bit of command syntax trickiness- add adds a VLAN ID, and rem removes a VLAN device. You can capture useful information on your VLAN interfaces by reading their corresponding /proc files:

# cat /proc/net/vlan/eth1.55


Tidak ada komentar: