Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Better way to do VLAN in Linux

from [Cedric Blancher] Network Security [Permanent Link]
Subject: Re: Better way to do VLAN in Linux
Date: Thu, 26 Aug 2004 00:52:10 +0200 
Le lun 23/08/2004 à 22:37, Jose Maria Lopez a écrit :

I'm trying to implement a VLAN with a Linux router
and I would like to know your opinion about which one
is the best option to do it. The Linux router is
connected to two switches without VLAN funcionality.


I don't exactly get what you want to achieve. Especially, I don't get
the link between VLAN support and IP/MAC changing... Maybe you can be
more specific.

By the way, Linux supports 802.1q VLAN encapsulation. This means you can
connect a Linux box to a VLAN aware switch using a 802.1q trunk to one
of its interfaces, say eth0. Then you can add logical interfaces to each
VLAN carried by your trunk, sau eth0.1, eth0.2, etc. (naming can be
changed to vlan1, vlan2, or more, you have 4 different naming schemes,
see documentation).

Once your logicial interfaces are created, you can see regular trafic
through them, 801.2q traffic being seen through native interface (eth0).
Then you only have to provide routing and filtering between your
interfaces and you're done.

If you feel brave, you can use interface bonding to provide your trunk
additionnal bandwidth or high availibility feature.


-- 
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE

Hi! I'm your friendly neighbourhood signature virus.
Copy me to your signature file and help me spread!
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  x.25 link running HDLC does not need firewall?, K Shen
Next by Date:  Re: FWSM NAT translation problem, Cesar Farro Flores
Previous by Thread:  Better way to do VLAN in Linux, Jose Maria Lopez
Next by Thread:  Re: Better way to do VLAN in Linux, Jose Maria Lopez
Indexes:  [Date] [Thread] [Top] [All Lists]