inter vlan routing

 
 
joe
Guest
      04-01-2005, 09:41 AM
hi,

Sorry for disturbing you. I got a problem with Linux and VLANs. Would be
great if you could give me some hints so that I can solve my problem.

I want to secure my internal network with Linux firewalling using
content filtering. This works - of course - great if I stay in the world
"of layer 3". But if I want to rape my Linux box so that the box acts
like a switch it does not work. It is possible for me to configure some
kind of "inter VLAN routing" but what I need is "inter VLAN switching".

An example:
I got two Cisco switches in every location offering lots of VLANs (w-lan
for voice over IP, w-lan for data, printer stuff, Citrix stuff ...).
These switches are communicating with a big Cisco Catalyst in the main
data center (we got two of them). I want to secure the traffic between
the two switches using Linux + content filtering + iptables ... but I am
too stupid to make the switches communicate through the Linux box. I can
communicate through VLANs with the Linux box, but I cannot communicate
with the switch at the other side. I guess this is because the box does
not send the packets for certain VLANs to all physical interfaces having
configured the sender (same) VLAN (only to one ... maybe the box wants
to route?)...

Would be great if you'd got some resources for me to solve my problem
--> learn how to build a Linux switch.

Thx in advance

joe
 
Andrew Gideon
Guest
      04-01-2005, 08:16 PM
joe wrote:

> I want to secure the traffic between
> the two switches using linux + content filtering + iptables


I don't quite understand this. Are you trying to move packets from a port
in VLAN 1 on switch A to a port on VLAN 1 on switch B? Why not just have a
trunk between the two switches? A VLAN should be a security domain, so
"filtering" wouldn't play a part in its communication.

If you want to filter traffic between two ports, they should be on separate
VLANs. This means "routing", which gives you a point at which you can
insert your Linux box and its ability to filter.


How many ethernet ports do you have on your Linux machine? Are they
configured as trunks? If so, then I'm not sure how you can convince the
Linux machine to retransmit a packet from VLAN 1 to VLAN 1. That would
seem to be a Bad Thing, in fact, in that you could cause packet loops.

- Andrew
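
The routed design suggested in the reply above, sketched as an added example that is not part of the original thread: the Linux box terminates two VLANs on one trunk port and filters in the FORWARD chain. The interface name, VLAN IDs, subnets and the allowed port are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: Linux box as a filtering router between two VLANs on one trunk.
# Assumed (not from the thread): trunk NIC eth0, VLAN 10 = 192.168.10.0/24 (data),
# VLAN 20 = 192.168.20.0/24 (printers); data hosts may reach printers on tcp/9100.
TRUNK=${TRUNK:-eth0}

# Emit the commands that create one 802.1Q subinterface acting as that VLAN's gateway.
vlan_iface_cmds() {  # $1 = VLAN id, $2 = gateway address/prefix
    echo "ip link add link $TRUNK name $TRUNK.$1 type vlan id $1"
    echo "ip addr add $2 dev $TRUNK.$1"
    echo "ip link set $TRUNK.$1 up"
}

# Emit the forwarding policy. The default-drop policy is installed before
# forwarding is switched on, so there is no window of unfiltered routing.
filter_cmds() {
    echo "iptables -P FORWARD DROP"
    # Replies to flows that were already permitted.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # The single permitted new flow: data VLAN -> printer VLAN, raw printing port.
    echo "iptables -A FORWARD -i $TRUNK.10 -o $TRUNK.20 -p tcp --dport 9100 -m conntrack --ctstate NEW -j ACCEPT"
    # Log everything else before the policy drops it.
    echo "iptables -A FORWARD -j LOG --log-prefix intervlan-drop"
    echo "sysctl -w net.ipv4.ip_forward=1"
}

# Full ordered plan: interfaces first, then filter rules, then forwarding.
plan() {
    vlan_iface_cmds 10 192.168.10.1/24
    vlan_iface_cmds 20 192.168.20.1/24
    filter_cmds
}

# Dry run by default (prints the plan); set APPLY=1 as root to execute it.
run() {
    if [ "${APPLY:-0}" = 1 ]; then plan | sh -e; else plan; fi
}

run
```

The switch ports facing the Linux box must be 802.1Q trunks carrying both VLANs, and hosts in each VLAN use the matching subinterface address as their default gateway.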

 