On Thu, 2003-04-10 at 15:33, Matti Aarnio wrote: > On Thu, Apr 10, 2003 at 02:41:02PM +0200, Daniel Larsson wrote: > > Anyone who has setup a linux box with super-vlan? > > Do you mean what is described at: > http://www.faqs.org/ftp/rfc/rfc3069.txt > > I don't think Linux IP routing supports that. > VLANs are just an external ethernet multiplexor giving the box > a number of "virtual" ethernet ports for other uses. On top of > those ports, various applications, like IP routing can be done. > ... but can RFC 3069 really be done, I don't know. One could use proxyarp and a lot of entries in the routingtable. This limits it to IP. Or it could probably be setup using the ethernet bridge in the kernel to connect the vlan's to eachother. And then use ebtables to limit which layer2 traffic can go from one vlan (bridge-port) to another. And for both cases you can firewall the IP-traffic using iptables. -- /Martin - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
