[VLAN] About VLAN implementation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I am new at VLAN so please be patient!:)
A*s far as I understood the concept of the VLAN it is useful for separating
different LANS from each other improving the security.

I tried a really easy use of VLAN package and I was not able to get it work
as I desired.
	VLAN2		eth3		eth2       		VLAN3
PC A  ---------------------------------------->  PC
B ----------------------------------> PC C

All of them are Linux boxes. At PC B there is IP forwarding switched on.
So I configured  at PCB eth2.3 interface and eth3.2 interface with class C
addresses and different subnets.
The eth3 and eth2 interfaces at PC B are up with 0.0.0.0 ip address.
The PC A and PC C interfaces are also set to use vlan tags. In this case PC
A eth1.2 PC C is eth1.3.

If I try to ping from PCA the PC C than I can do that!!! How can it be?! Why
should I use iptables to DROP those packages?! It think VLAN should do this
by itself?!
How can I do that that there is a subnet instead of PC A and all the VLAN3
tagged package goes to PC C but nothing from another VLAN?!


Another question about VLAN over MAC address. Is that already in use?!
Shouldn't be there a table which tells which MAC address is associated with
which VLAN ?!
How can I filter out the wrong packages not to send to wrong VLAN based on
MAC address?

Thank you in advice.

Csaba

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.751 / Virus Database: 502 - Release Date: 9/2/2004


[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]     [Video 4 Linux]

  Powered by Linux