Hi Kannan, I think there is a mistake. A VLAN capable switch should be there in the network. i.e., box A should a VLAN capable switch and you should configure vlan2 and vlan3 in it. Box M should be connected to the trunk port of the switch and you should configure virtual interfaces in Box M on each vlan (vlan 2 and vlan 3). Box B and Box C should be connected to the access ports of the switch, and those ports are to be congiured to be member of the vlans (B's port in vlan2 and C's port in vlan3) hope i am clear. best regards jojan -----Original Message----- From: Kannan [mailto:kjeyapal@xxxxxxxxxxxxx] Sent: Saturday, November 20, 2004 12:55 PM To: 'Linux 802.1Q VLAN' Subject: RE: [VLAN] VLAN and Bridge interaction. Hello, Thanks Peter for your reply. I tried with the following example based on the message to which you directed me to. But still I have a few doubts. My setup is like this. +--------+eth0 +---------------+ trunk ( Box M )------| router/switch |----------- ( ) eth0| box A |eth1 | | +--------+ +---------------+ | | vlan2| v3| | | +--------+ | | | eth0| eth0| +--------+ +--------+ | Host | | Host | | box B | | box C | +--------+ +--------+ I made the following configurations. Box A: ifconfig eth0 0.0.0.0 ifconfig eth1 0.0.0.0 ip addr add 10.0.0.10/24 broadcast 10.0.0.255 dev eth0 ip link set eth0 up ip link set eth1 up vconfig set_name_type DEV_PLUS_VID_NO_PAD vconfig add eth1 2 vconfig add eth1 3 brctl addbr br0 brctl addif br0 eth1.2 brctl addif br0 eth1.3 ip addr add 20.0.0.10/24 broadcast 20.0.0.255 dev eth1.2 ip addr add 20.0.1.10/24 broadcast 20.0.1.255 dev eth1.3 ip link set eth1.2 up ip link set eth1.3 up ip link set br0 up iptables -F iptables -P FORWARD DROP iptables -A FORWARD -i eth1.2 -o eth0 -s 20.0.0.0/24 -j ACCEPT #v2->inet iptables -A FORWARD -i eth0 -o eth1.2 -d 20.0.0.0/24 -j ACCEPT #inet->v2 iptables -A FORWARD -i eth1.3 -o eth0 -s 20.0.1.0/24 -j ACCEPT #v3->inet iptables -A FORWARD -i eth0 -o eth1.3 -d 20.0.1.0/24 -j ACCEPT #inet->v3 iptables -t nat -A POSTROUTING -o eth0 -s 20.0.0.0/16 -j MASQUERADE echo 1> /proc/sys/net/ipv4/ip_forward Box M: ifconfig eth0 10.0.0.20 netmask 255.255.255.0 up Box B: ifconfig eth0 20.0.0.20 netmask 255.255.255.0 up Box C: ifconfig eth0 20.0.1.20 netmask 255.255.255.0 up This is my setup. If I ping from Box A for the Host (20.0.0.20), There is no reply. But I could see at the Ethereal on BoxB eth0, I could see the ARP packet of who has 20.0.0.20 from 20.0.0.10. But I could not get the Reply from the 20.0.0.20 being sent out. Please let me know whether anything is wrong in my setup/configuration. --------------------------------- Another thing that I tried in the same setup is as follows: I configured VLAN on Box B to see whether ping will work. But still it was not fruitful. This configuration on Box B is as follows: ifconfig eth0 0.0.0.0 vconfig add eth0 2 ifconfig eth0.2 20.0.0.20 netmask 255.255.255.0 up But still I could not ping to 20.0.0.10 from 20.0.0.20 or the reverse also. ----------------------------------- Could someone help me out in getting the ping work in this topology. Thanks, Bye, Kannan.J On Fri, Nov 19, 2004 at 09:07:16AM +0530, Kannan wrote: > I am trying to understand VLAN and Bridging Interactions in Linux. [..] > Can some one throw me some details? Perhaps you can pick something up from http://www.lanforge.com/pipermail/vlan/2004-November/000105.html //Peter _______________________________________________ Vlan mailing list Vlan@xxxxxxxxxxxx http://www.lanforge.com/mailman/listinfo/vlan --------------------------------------------------------------------------- "This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken upon this e-mail is strictly prohibited and may be unlawful." ---------------------------------------------------------------------------
