akumar@xxxxxxxxxxxxxxxxxx wrote: > I have a setup like > > ---------- eth0 > | Router | ----------------- ISP > ---------- > |eth1 > | > ---------- > | | | | | | > different clients > > > Now i want to convert this system into the form : > > ---------- eth0 > | Router |----------------------- ISP > ---------- > |eth1 > ---------------------- > vlan10 | vlan11 | vlan12 | > ----- | ----------------------- > | | | > some clients | some other clients > | > some other clients > > where vlan10, vlan11 and vlan12 are the Vlan-Id's. > > Then i want to make sure that the broadcasts are restricted to there > particular Vlan's > but users in 1 vlan CAN connect to users in another vlan. > Can anyone help me with this ? > Yes, it's really possible but the IP adress must be diffent from vlan 10, vlan 11 and vlan 12, they do not work if the IP network address is the same. The swith must be support 802.1q, you can restric the layer3 access with iptables command. --- SALUDE3.
