Linux Layer 2 VLAN Switch: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 5: | Zeile 5: | ||
= Konfiguration der Firewall = | = Konfiguration der Firewall = | ||
= Konfiguration des Switches = | = Konfiguration des Switches = | ||
| + | * | ||
* '''vim ''/etc/network/interfaces'' ''' | * '''vim ''/etc/network/interfaces'' ''' | ||
auto lo | auto lo | ||
| Zeile 51: | Zeile 52: | ||
post-up bridge vlan add dev enp0s9.2 vid 2 pvid untagged | post-up bridge vlan add dev enp0s9.2 vid 2 pvid untagged | ||
post-up bridge vlan add dev enp0s10.2 vid 2 pvid untagged | post-up bridge vlan add dev enp0s10.2 vid 2 pvid untagged | ||
| + | |||
| + | * '''reboot''' | ||
| + | * Die VLAN Konfiguration kann sollten dann so aussehen | ||
| + | * '''cat ''/proc/net/vlan/config'' ''' | ||
| + | |||
| + | VLAN Dev name | VLAN ID | ||
| + | Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD | ||
| + | enp0s3.1 | 1 | enp0s3 | ||
| + | enp0s3.2 | 2 | enp0s3 | ||
| + | enp0s8.1 | 1 | enp0s8 | ||
| + | enp0s9.2 | 2 | enp0s9 | ||
| + | enp0s10.2 | 2 | enp0s10 | ||
| + | |||
| + | * '''bridge vlan''' | ||
| + | |||
| + | port vlan-id | ||
| + | enp0s3 1 Egress Untagged | ||
| + | 2 Egress Untagged | ||
| + | enp0s8 1 PVID Egress Untagged | ||
| + | enp0s9 2 PVID Egress Untagged | ||
| + | enp0s10 2 PVID Egress Untagged | ||
| + | enp0s3.1 1 PVID Egress Untagged | ||
| + | enp0s3.2 2 PVID Egress Untagged | ||
| + | enp0s8.1 1 PVID Egress Untagged | ||
| + | enp0s9.2 2 PVID Egress Untagged | ||
| + | enp0s10.2 2 PVID Egress Untagged | ||
| + | br0 1 PVID Egress Untagged | ||
Version vom 16. September 2024, 14:42 Uhr
Ziel
Konfiguration der Firewall
Konfiguration des Switches
- vim /etc/network/interfaces
auto lo iface lo inet loopback # The primary network interface auto enp0s3 iface enp0s3 inet manual auto enp0s3.1 iface enp0s3.1 inet manual auto enp0s3.2 iface enp0s3.2 inet manual auto enp0s8 iface enp0s8 inet manual auto enp0s8.1 iface enp0s8.1 inet manual auto enp0s9 iface enp0s9 inet manual auto enp0s9.2 iface enp0s9.2 inet manual auto enp0s10.2 iface enp0s10.2 inet manual auto br0 iface br0 inet static address 172.16.100.2/24 gateway 172.16.100.1 bridge_vlan_aware yes bridge_ports all post-up bridge vlan delete dev enp0s9 vid 1 post-up bridge vlan delete dev enp0s10 vid 1 post-up bridge vlan delete dev enp0s3.2 vid 1 post-up bridge vlan delete dev enp0s9.2 vid 1 post-up bridge vlan delete dev enp0s10.2 vid 1 post-up bridge vlan add dev enp0s3 vid 1-2 untagged post-up bridge vlan add dev enp0s9 vid 2 pvid untagged post-up bridge vlan add dev enp0s10 vid 2 pvid untagged post-up bridge vlan add dev enp0s3.2 vid 2 pvid untagged post-up bridge vlan add dev enp0s9.2 vid 2 pvid untagged post-up bridge vlan add dev enp0s10.2 vid 2 pvid untagged
- reboot
- Die VLAN Konfiguration kann sollten dann so aussehen
- cat /proc/net/vlan/config
VLAN Dev name | VLAN ID Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD enp0s3.1 | 1 | enp0s3 enp0s3.2 | 2 | enp0s3 enp0s8.1 | 1 | enp0s8 enp0s9.2 | 2 | enp0s9 enp0s10.2 | 2 | enp0s10
- bridge vlan
port vlan-id
enp0s3 1 Egress Untagged
2 Egress Untagged
enp0s8 1 PVID Egress Untagged
enp0s9 2 PVID Egress Untagged
enp0s10 2 PVID Egress Untagged
enp0s3.1 1 PVID Egress Untagged
enp0s3.2 2 PVID Egress Untagged
enp0s8.1 1 PVID Egress Untagged
enp0s9.2 2 PVID Egress Untagged
enp0s10.2 2 PVID Egress Untagged
br0 1 PVID Egress Untagged