Linux bridging VLANs


rthorntn

Hi

I hope you can help.

Can a Linux box with 3 interfaces be configured as follows:

Interface 1 marks traffic entering it as 802.1q VLAN 100 and has no IP address
Interface 2 marks traffic entering it as 802.1q VLAN 200 and has no IP address
Interface 3 is an 802.1q trunk and uplinks VLAN 100 and 200, again it has no IP address

All 3 interfaces are then added to a Linux bridge, basically mimicking a switch.

I am trying to figure out if I can test the tagging on the XS708E (see other post) with 3 Linux boxes because I don't have access to a Cisco switch like the one in production.

Thanks for looking.

Cheers
Richard
 

TuxDude

It should be reasonably easy to make work, though not quite in exactly the way you described above. And also, I've never tried to do something quite like that so these instructions are more of a general idea that you may need to research a bit further rather than a specific set of commands/configs.

First off, your three interfaces need to be set up slightly differently than described above.
Interface1 will be sending/receiving untagged packets destined for VLAN 100 (let's call it eth1)
Interface2 will be sending/receiving untagged packets destined for VLAN 200 (following along, eth2)
Interface3 is where the fun stuff happens - when an interface on Linux supports multiple VLANs, you get virtual interfaces. If we call this interface eth3, then you will also have virtual devices for eth3.100 and eth3.200, each of which is carrying the untagged packets for the respective VLANs.

So your bridging setup becomes simple: you just bridge eth1 with eth3.100, and eth2 with eth3.200, and the kernel will take care of adding/removing 802.1q tags as needed as traffic enters/leaves eth3.

Also, it shouldn't hurt things to have IP addresses on any of those interfaces (including the virtual ones). Depending on how the rest of the network is set up, it may even be required so that you can use those addresses as gateway addresses.
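
The layout described in the reply above, as an added example that is not part of the original thread: a shell function that prints the iproute2 commands for one bridge per VLAN. The interface names eth1, eth2 and eth3 follow the reply; the `br<VID>` bridge names and the `vlan_bridge_plan` function are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: eth1/eth2/eth3 follow the reply above; br<VID> bridge names
# are an assumption. Prints iproute2 commands only; nothing is changed.
# usage: vlan_bridge_plan TRUNK ACCESS:VID [ACCESS:VID ...]
vlan_bridge_plan() {
    trunk=$1
    case $trunk in
        ''|*[!A-Za-z0-9_.-]*) echo "bad trunk name: $trunk" >&2; return 1 ;;
    esac
    shift
    # Validate every pair first so a bad one never yields a partial plan.
    for pair in "$@"; do
        access=${pair%%:*}
        vid=${pair##*:}
        case $access in
            ''|*[!A-Za-z0-9_.-]*) echo "bad interface in: $pair" >&2; return 1 ;;
        esac
        case $vid in
            ''|*[!0-9]*|?????*) echo "bad VLAN id in: $pair" >&2; return 1 ;;
        esac
        # 802.1Q VLAN IDs are 12 bits; 0 and 4095 are reserved.
        if [ "$vid" -lt 1 ] || [ "$vid" -gt 4094 ]; then
            echo "VLAN id out of range in: $pair" >&2; return 1
        fi
        # Linux interface names are limited to 15 characters.
        sub="$trunk.$vid"
        if [ "${#sub}" -gt 15 ]; then
            echo "sub-interface name too long: $sub" >&2; return 1
        fi
    done
    echo "ip link set dev $trunk up"
    for pair in "$@"; do
        access=${pair%%:*}
        vid=${pair##*:}
        sub="$trunk.$vid"
        br="br$vid"
        # Untagged frames on $sub leave the trunk tagged with VLAN $vid.
        echo "ip link add link $trunk name $sub type vlan id $vid"
        # One bridge per VLAN keeps the two VLANs in separate L2 domains.
        echo "ip link add name $br type bridge"
        echo "ip link set dev $access master $br"
        echo "ip link set dev $sub master $br"
        echo "ip link set dev $access up"
        echo "ip link set dev $sub up"
        echo "ip link set dev $br up"
    done
}
vlan_bridge_plan eth3 eth1:100 eth2:200
```

Review the printed plan, then pipe it to `sh` as root on the test box to apply it.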