>
> I'm doing bridging between vlans without any rules, I use debian, here
is
> how I setup my bridge interfaces:
> auto br954
> iface br954 inet static
> address 10.193.79.1
> netmask 255.255.255.255
> bridge_ports eth0.954 eth1.1955
> bridge_maxwait 0
>
> The IP on the bridge is irrelevant, it was needed for the ifup to
work.
> This bridges traffic between the two vlans without any rules in
etables.
> I'm using this to translate vlan numbers between different L2 domains.
> Both eth0 and eth1 go to switches with tag ports. No untagged packets
come
> to eth0 or eth1.
> On one box I have over 50 bridges, and it just works.
>
I am also using debian so changed my configuration to match this before I
was using:
auto br1
iface br1 inet static
address 192.168.40.2
netmask 255.255.255.0
network 192.168.40.0
pre-up /sbin/ip link set eth0 up
pre-up /sbin/ip link set eth3 up
pre-up /sbin/vconfig add eth0 40
pre-up /sbin/vconfig set_flag eth0.40 1
pre-up /sbin/vconfig add eth3 40
pre-up /sbin/vconfig set_flag eth3.40 1
pre-up /sbin/ip link set eth0.40 up
pre-up /sbin/ip link set eth3.40 up
pre-up /usr/sbin/brctl addbr br1
pre-up /usr/sbin/brctl addif br1 eth0.40
pre-up /usr/sbin/brctl addif br1 eth3.40
Your way is alot simplet, as it appears to create the vlans as well.
I do have to use one ebtables rule, for traffic coming in on the eth3
interface.
My only issue now if how I can restrict traffic, I may end up having to find
some other way to do this...
Thanks,
Adam
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager. http://www.mettoni.com
**********************************************************************
