VLAN on Linux CLI


  1. Turn off all "Network Manager" type processes and applications
    1. Comment out /etc/network/interfaces entries even
  2. Do all commands as the root user
  3. Monitoring changes
    1. In one terminal, run this command and watch it as you execute the commands below to see what is changing
      1. sudo watch -d 'ip addr;echo =====;ip link;echo =====;ip route'
  4. Add VLAN
    1. ip link add link eth0 name eth0.20 type vlan id 20
    2. ip link set dev eth0 up
    3. ip link set dev eth0.20 up
    4. ip addr add 192.168.20.190/24 dev eth0.20
    5. ip route add default via 192.168.20.1
    6. For any other VLANs, change the "20" in the commands above to the desired VLAN, e.g.
      1. ip link add link eth0 name eth0.100 type vlan id 100
  5. Delete VLAN
    1. ip link delete eth0.20
  6. Abstract commands
    1. Create
      1. ip addr add IP/NETMASK dev INTERFACE.VID
      2. ip link set dev INTERFACE.VID up
      3. ip addr add 192.168.100.101/24 dev eth0.100
      4. ip link set dev eth0.100 up
    2. Destroy
      1. ip link set dev INTERFACE.VID down
      2. ip link set dev eth0.100 down
      3. ip link delete INTERFACE.VID
      4. ip link delete eth0.100
  7. Notes
    1. Network addr does not have to match the VLAN name
    2. VLAN name is arbitrary, you can call it "joe" if you'd like
    3. http://www.linuxjournal.com/article/7268
      1. "Trunks using the 802.1q protocol work by adding a 4-byte VLAN identifier to each frame"
      2. "When a switch receives a tagged unicast frame, it looks up the outgoing port using both the destination MAC address and the VLAN identifier"
      3. "When a broadcast frame is received, it is flooded out to all active ports participating in that VLAN"

Comments

Popular posts from this blog

Openvpn and unbound combined break dig command

Stress Linux system: stress-ng

Google Nexus 4: permanent back panel glass repair for less than a penny