Linux and VLAN

09-16-2005, 09:15 PM

Hi

in a pen test of a Ip Voice network I have the following issue :
the ip phone sends 802.1q tagged datas to the switch and the switch
sends back non tagged datas.

I tried to simulate an IP phone Vlan behaviour to do my pen test (like
arp spoofing, dhcp corruption) but it clearly fail as if I use Vconfig
it creates a tagged interface and coming back datas are not seen by this
interface.

Is there a way to do an interface that sends taggued data and accept non
802.1q taggued data ?

regards

09-17-2005, 03:40 PM

Sylvain Eche wrote:

> Is there a way to do an interface that sends taggued data and accept non
> 802.1q taggued data

You want to mix tagged and untagged data on the same NIC? If I remember
correctly, the eth0 interface (or ethN) would be untagged while eth0.1 (or
ethN.M) will be tagged/expect to be tagged for VLAN M.

Also remember that you can mix tagged interfaces and virtual interfaces (ie.
ethN.M:X).

- Andrew

09-17-2005, 08:13 PM

If I remember
correctly, the eth0 interface (or ethN) would be untagged while eth0.1 (or
ethN.M) will be tagged/expect to be tagged for VLAN M.

You 're right but the problem is if I do a ping -I eth0.1
the icmp packets comes out tagged and in my case they comes back
untagged so through eth0 and my ping don't see the answer as it sticks
to eth0.1

> Also remember that you can mix tagged interfaces and virtual interfaces (ie.
> ethN.M:X).

I'm not sure to understand what you mean ?

09-19-2005, 02:25 PM

Sylvain Eche wrote:

> You 're right but the problem is if I do a ping -I eth0.1
> the icmp packets comes out tagged and in my case they comes back
> untagged so through eth0 and my ping don't see the answer as it sticks
> to eth0.1

This sounds like a problem not with the machine sending the ICMP Ping
packets but with the machine sending the ICMP Pong packets (or perhaps a
intervening switch if the Pong-er isn't 802.1q-aware itself).

I don't experience this problem on my Linux machines that are 802.1q-aware.

If you're forced to use -I, then I wonder if it might be a routing issue.
Perhaps the Ponger has some reason to route response packets differently
than you're expecting such that they reach eth0 instead of eth0.1.

- Andrew

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Linux stripping off VLAN header	Prasanna	Linux Networking	4	06-04-2008 07:37 AM
VLAN - Security risk or not: 1 Port in 2 VLAN's	arno	Windows Networking	6	11-28-2006 10:57 PM
Change Linux VLAN/Gateway Routing to a Layer 3	Jacob	Linux Networking	0	03-10-2006 04:13 PM
To vlan or not to vlan, that's the question	Xous - Jose R. Negreira	Linux Networking	10	04-20-2005 04:00 PM
Red Hot Linux v9.0 [2 DVDs]. Red Hot Linux v9.0 [3 CDs]. Redhat Enterprise Linux ES v3.0 REPACK [4 CDs]. Mandrake Linux 9.2 [3 CDs] -new !	TEL	Linux Networking	0	12-01-2003 12:06 PM