Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm trying to configure a linux machine to have multiple VLANs on eth0. The computer is plugged into a Cisco 3550, and the port on the switch is trunked.
I am using Mandriva 2006, and it does include vlan utilities, read: vconfig
Let me tell you what I want, and where I'm at.
For starters, I have two VLANs: 127 and 254. On the 127 VLAN, the IP address is to be configured statically. On the 254 VLAN, the IP address should be returned from a DHCP server.
I guess a starting question would be, do I need ifcfg-eth0? is it correct?
DHCP does not work for VLAN 254, no address is assigned. VLAN 127 has a static address, but I am unable to ping other hosts on the 127 VLAN.
Do I need to change the scripts around? or maybe I need to modify ifup? the scripts after a onceover appear to be set up to do VLANs, but I don't know what I am missing.
Thanks I had seen a few of those pages after doing a search and none had the information I needed. It seemed like everything I tried didn't work, one VLAN would get data, the other would not.
First of all, I couldn't get either VLAN to work while Shorewall was running. More on that later. I turned off Shorewall temporarily.
I did an ethereal dump of the data flowing thru eth0, and saw traffic in both directions for both VLANs going thru eth0, but I never received any data on VLAN 254. This is why DHCP was not working (the data never came back from the switch). Looking in the ethereal dump, I could see my computer asking for a DHCP address, and the DHCP server replying, but dhclient acted like nothing ever happened. Then it dawned on me to recheck the Cisco switch configuration. Although I knew that the port was trunked, I wanted to check the other port parameters. What bit me was:
switchport trunk native vlan 254
I was sending out packets with VLAN information, but because VLAN 254 was native for the port, the switch was sending VLAN 254 packets back with no VLAN information in them. This is not readily apparent, I'm not sure how you can see if an incoming packet has VLAN information. Anyway, I went into the switch and removed the native vlan parameter for that port.
Now I was getting data on both VLANs as I expected. Good!
Now, I had to get Shorewall working. Shorewall was set up to work with interface eth0. Shorewall documentation makes no mention of VLANs, however it mentioned aliasing, different concept I know. Reading the criteria for aliasing led me to believe that Shorewall needed to be set up one interface for each VLAN. In the /etc/shorewall/interfaces file I removed:
net eth0 detect
and added:
net eth0.127 detect
net eth0.254 detect dhcp
I restarted Shorewall, and both VLANs were operational.
Distribution: Distribution: RHEL 5 with Pieces of this and that.
Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700
Rep:
Never thought you had a firewall up. A basic question anymore in network. Easy to miss the simple things. Glad to see you have the interfaces up.
Now I am not a user of shorewall, mostly use to using iptables for firewalling. Not sure if shorewall uses iptables or not. But in iptables it does not understand anthing other than eth* or IP. I know iptables does not handle virtual aliasing IP like eth0:0, eth0:1, and so on but not sure about your layout eth0.127. To make use of Alias IP one needs to use the IP and not eth0:0.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
