Linux VLAN Bridge

Posted by raspi on Server Fault
Published on 2009-05-19T14:41:56Z

I have a home network with VLANs, one for LAN, one for WLAN and one for internet. I'd like to use bridging so that instead of configuring these same VLANs to every machine, they had their own VLAN ID and bridges were LAN, WLAN and internet.

I've tried it but for some reason keep-alive/ttl seems to get broken because SSH sessions etc. suddenly disconnect.

We have had this same setup working in the workplace for 4+ years with 100+ customers, but it's custom firewall/router hardware so accessing it is impossible. I know that it runs Linux.

So what are the Debian/Ubuntu default network settings doing wrong, or is it just a NIC driver/hw problem? I've tried to mess around with ttl etc. settings without any luck. The bad stuff is happening in the bridge because the current VLAN-only setup works fine.

interfaces:

 auto lo
 iface lo inet loopback

 # The primary network interface
 allow-hotplug eth0
 allow-hotplug eth1

 iface eth0 inet static
 iface eth1 inet static

 auto vlan111
 auto vlan222
 auto vlan333
 auto vlan444
 auto br0
 auto br1
 auto br2

 # LAN
 iface vlan111 inet static
         vlan_raw_device eth0

 # WLAN
 iface vlan222 inet static
         vlan_raw_device eth0

 # ADSL Modem
 iface vlan333 inet static
         vlan_raw_device eth1

 # Internet
 iface vlan444 inet static
         vlan_raw_device eth0

 # LAN bridge
 iface br0 inet static
         address 192.168.0.1
         netmask 255.255.255.0
         bridge_ports eth0.111
         bridge_stp on

 # Internet bridge
 iface br1 inet static
         address x.x.x.x
         netmask x.x.x.x
         gateway x.x.x.x
         bridge_ports eth1.333 eth0.444
         bridge_stp on
         post-up iptables -t nat -A POSTROUTING -o br1 -j MASQUERADE
         pre-down iptables -t nat -D POSTROUTING -o br1 -j MASQUERADE

 # WLAN bridge
 iface br2 inet static
         address 192.168.1.1
         netmask 255.255.255.0
         bridge_ports eth0.222
         bridge_stp on

Sysctl:

net.ipv4.conf.default.forwarding=1
