[Firehol-support] Routing between virtual interfaces
M. O.
mofog at hotmail.com
Fri Jan 23 23:13:42 CET 2009
Thanks for the hint! I had a first look at how to run VLANs in Debian.
There are conflicting information about how to do this. For example you say it can be done by using this notation: "eth0.1". However, this doesn't seem to work for me. I have to do it this way: "vlan2" and add a "vlan_raw_device eth0" line. However, afterwards I cannot reach any components on the VLANs. Am I right that this whole thing only works with special hardware, like VLAN-enabled switches and so on?
The funny thing is that the old setup kind of worked as well, you just couldn't count on it...
If setting up a VLAN environment should turn out to be too complicated, I think I will just merge all networks into one -- granted: it's just avoiding and not solving the problem.
Best regards,
Morin
> Date: Fri, 23 Jan 2009 18:18:28 +0000
> Subject: Re: [Firehol-support] Routing between virtual interfaces
> From: cefrodrigues at gmail.com
> To: mofog at hotmail.com
> CC: firehol-support at lists.sourceforge.net
>
> On Fri, Jan 23, 2009 at 5:59 PM, M. O. <mofog at hotmail.com> wrote:
> > Are there known issues or some kind of traps to watch out for when
> > configuring routing between virtual interfaces? What makes me curious is
> > that "route" doesn't seem to be aware of virtual interfaces at all -- it
> > calls everything "eth0" instead of "eth0:1" and so on.
>
> That's because, AFAIK, interfaces with multiple IP addresses (either
> in the same subnet or not) are the same interface: "eth0:1" is really
> just an extra address for "eth0", not an interface.
>
> I think extra addresses for an interface get a virtual interface name
> just because the "ifconfig" command requires it. If you add an extra
> address with the "ip" command, there is no need for that name and
> everything works exactly the same (except it won't be visible with
> "ifconfig").
>
> If you really need virtual interfaces over the same physical
> interface, you should consider using VLANs. Unlike Windows, having an
> host interface in multiple VLANs is supported for all ethernet cards.
>
> How you do this will depend on your particular distribution. For
> example, in Debian-based distributions, it is as simple as giving a
> particular name to an interface in "/etc/network/interfaces" (eg:
> "eth0.2" automatically means the VLAN with ID "2" over the "eth0"
> interface). Anyway, whichever the distribution, a virtual interface
> for a particular VLAN will only see traffic for that particular VLAN
> and will be seen by the rest of the system (including routing) as a
> real interface (the physical interface, "ethX", will always see
> traffic for _all_ VLANs on the link).
>
> Regards,
>
> --
> Carlos Rodrigues
_________________________________________________________________
http://redirect.gimas.net/?n=M0902xSearchVideo
Videosuche - Ganz einfach mit der Live Search
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.firehol.org/pipermail/firehol-support/attachments/20090123/1c39279e/attachment-0001.html>
More information about the Firehol-support
mailing list