Friday, April 13, 2012

Tagging / Untagging VLAN ID with Linux

Here are my notes from a VLAN ID tagging / untagging experiment on CentOS 5.5.

Goal: add a VLAN tag to packets from LAN port 1 with ID 1000 and to packets from LAN port 2 with ID 2000. Forward both to LAN port 3, and remove the VLAN tags in the reverse direction. To do this, we need the 8021q kernel module and the bridge controller "brctl". Here are the commands to make it work:

Three interfaces on my PC:
LAN port 1 = eth0
LAN port 2 = eth1
LAN port 3 = eth2


First bring up all the base interfaces:
   ifconfig eth0 0.0.0.0 up
   ifconfig eth1 0.0.0.0 up
   ifconfig eth2 0.0.0.0 up

Create VLAN interfaces and bring them up:
   vconfig add eth0 1000
   ifconfig eth0.1000 0.0.0.0 up
   vconfig add eth1 2000
   ifconfig eth1.2000 0.0.0.0 up

Prepare (create) bridges:
   brctl addbr bridge1000
   brctl addbr bridge2000

Bridge eth0.1000 to LAN port 3 (eth2):
   brctl addif bridge1000 eth0.1000
   brctl addif bridge1000 eth2
   ifconfig bridge1000 up

Bridge eth1.2000 to LAN port 3 (eth2):
   brctl addif bridge2000 eth1.2000
   brctl addif bridge2000 eth2
   ifconfig bridge2000 up

~Done!


note 1: I once had trouble making it work. The reason is that the bridge needs to be activated manually.

note 2: I saw this info somewhere: "8021q kernel module is enabled by default only in Kernel 2.6". With Kernel 2.4 you need to insert the module manually (insmod 8021q). If you don't find the module on the system, install it with yum. Try the keyword 8021q or vlan.

note 3: Interfaces in a bridge seem to lose their layer 3 functions. For example, I lost access to the IP address of eth2 after "ifconfig bridge2000 up". I guess that's because all packets (in fact Ethernet frames) to eth2 are forwarded to eth0.2000 before going up to the IP layer.
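
The same tag/untag layout with the VLAN sub-interfaces created on eth2, as an added example that is not part of the original post. A Linux interface can be a port of only one bridge at a time, so each bridge here pairs one untagged port with its own eth2.<vid> sub-interface, which also keeps the two VLANs in separate layer 2 domains. The function name vlan_trunk_plan and the port:vid argument form are assumptions; it only prints commands, using the tools from the post.

```shell
#!/bin/sh
# Added example (not from the original post): print the vconfig/brctl/ifconfig
# commands for a layout where TRUNK carries tagged frames and each access port
# is untagged. Assumed names: vlan_trunk_plan, and the "port:vid" argument form.
vlan_trunk_plan() {
    trunk=$1; shift
    seen_ports=" $trunk "   # an interface can be a port of only one bridge
    seen_vids=" "
    plan="ifconfig $trunk 0.0.0.0 up"
    for pair in "$@"; do
        port=${pair%%:*}
        vid=${pair#*:}
        case $pair in
            ?*:?*) ;;
            *) echo "bad argument '$pair', expected port:vid" >&2; return 1 ;;
        esac
        case $vid in
            ''|*[!0-9]*) echo "VLAN ID '$vid' is not a number" >&2; return 1 ;;
        esac
        # 802.1Q VLAN IDs are 12 bits; 0 and 4095 are reserved.
        if [ "$vid" -lt 1 ] || [ "$vid" -gt 4094 ]; then
            echo "VLAN ID $vid outside 1-4094" >&2; return 1
        fi
        case $seen_ports in *" $port "*)
            echo "$port is already used; one bridge per interface" >&2; return 1 ;;
        esac
        case $seen_vids in *" $vid "*)
            echo "VLAN ID $vid assigned twice" >&2; return 1 ;;
        esac
        seen_ports="$seen_ports$port "
        seen_vids="$seen_vids$vid "
        plan="$plan
ifconfig $port 0.0.0.0 up
vconfig add $trunk $vid
ifconfig $trunk.$vid 0.0.0.0 up
brctl addbr bridge$vid
brctl addif bridge$vid $port
brctl addif bridge$vid $trunk.$vid
ifconfig bridge$vid up"
    done
    printf '%s\n' "$plan"
}

# Print the plan for the three ports used in the post; pipe to sh as root to apply.
vlan_trunk_plan eth2 eth0:1000 eth1:2000
```

With this layout eth2 itself is never enslaved to a bridge; only eth2.1000 and eth2.2000 are.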
