-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvlan.html
436 lines (387 loc) · 18.4 KB
/
vlan.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
<title>802.1Q VLAN implementation for Linux</title>
</head>
<body bgcolor=#ffffff text=#000000>
<h1><center>802.1Q VLAN implementation for Linux</center></h1>
<center><i>
Updated Sept 30, 2003<br>
Release: 1.8</br>
</i></center>
<P>
MTU problems exist for many ethernet drivers. Other than that, things seem fairly stable!
<P>
<center>
<B>PLUG: Check out my company that makes traffic generation and WAN simulation
test equipment based on the Linux operating system:<br>
<a target=_top href="http://www.candelatech.com"><img src="http://www.candelatech.com/images/candela_swirl_small.png"
alt="Candela Technologies"
border=0></a>
<br>
Let us help you test your DSL, Cable Access, Satellite and other network systems!</b>
</center>
<font size = -1>
<BR>
TIP jar on <a href="http://www.candelatech.com/~greear" target="_top"> my home page.</a><P>
</font>
Join the <a HREF="http://ns1.wanfear.com/mailman/listinfo/vlan">vlan mailing list</a>,
After that, to post, send mail to
<A HREF="mailto:vlan@ns1.wanfear.com">vlan@ns1.wanfear.com</a>.
<P>
Submit a bug/issue/enhancement with the: <a href="http://grok.yi.org:8080/~greear/bugzilla/enter_bug.cgi?product=VLAN%20for%20Linux">VLAN Bugzilla</a></li>
<P>
I hear that the 2.2/2.4 kernel patches have worked
with these (and other, I'm sure) systems: <P>
<ul>
<li> Cisco: {Catalyst: 6509},
3Com: {Corebuilder, Netbuilder II, SuperStack II switch 630},
Alpine: {3804(SMMi,F32Ti)}
Extreme Ntwks {Summit 48, 48i, 5i}
Foundry: {ServerIronXL, FastIron}</li>
<li> Alteon ACENic Gigabit, 3Com 3c509, realtek RTL8029(AS), RTL8139, DEC DC21140 (tulip),
DFE-570TX quad-21143, Intel PRO/1000 with Intel's driver
</li>
</ul>
<P>
<u><b>Performance:</b></u>
The difference in running traffic over VLANs v/s regular ethernet is very slight. If
someone has done some sort of benchmark, I'll be happy to place it here!
<b><center>VLAN related Resources.</center></b>
<ul>
<li> <a href="#setup"> VLAN Installation & Configuration info.</a></li>
<li> <a href="#cvs_setup"> CVS Access.</a></li>
<li> <a href="vlan/howto.html"> VLAN HOWTO/FAQ (Some CISCO & 3COM specific info too.)</a></li>
<li> <a href="http://www.planetconnect.com/vlan/"> Another VLAN Recipe (Some info specific to Intel EEPRO Nics too.)</a></il>
<li> <a href="http://www.geocities.co.jp/AnimeComic-White/6586/vlan.html"> VLAN Research page in Japanese</a></li>
<li> <a href="http://www.geocities.co.jp/AnimeComic-White/6586/vlan-e.html"> VLAN page translated to English</a></li>
<li> <a target=_top href="http://standards.ieee.org/getieee802/download/802.1Q-1998.pdf">
IEEE 802.1Q Standard</a></li>
</ul>
<P>
<center><b>Features</b></center>
<ul>
<li>Implements 802.1Q VLAN spec.</li>
<li>Implements support for a non-standard (as far as I know)
MAC-based VLAN functionality.</li>
<li>Can support up to 4094 VLANs per ethernet interface.</li>
<li>Scales well in critical paths: O(n), where n is the number of PHYSICAL ethernet interfaces,
and that is only on ingress. O(1) in every other critical path, as far as I know.</li>
<li>Supports MULTICAST</li>
<li>Can change MAC address of VLAN.</li>
<li>Multiple naming conventions supported, and adjustable at runtime.</li>
<li>Optional header-reordering, to make the VLAN interface look <b>JUST LIKE</b>
an Ethernet interface. This fixes some problems with DHCPd and anything else
that uses a SOCK_PACKET socket. Default setting is off, which works for
every other protocol I know about, and is slightly faster.
</li>
</ul>
<P>
<hr>
Download vconfig binaries (source is more flexible, but this will work for most people).
<ul>
<li> <a href="vconfig">vconfig binary for x86</a></li>
<li> <a href="vconfig.arm">vconfig binary for StrongArm</a></li>
</ul>
<P>
<hr>
<center><b>Change Log</b></center>
<ul>
<P>
<li> <b><a href="vlan/vlan.1.8.tar.gz">Release 1.8 (gz)</a> For Kernel: 2.4.21+ Sept 30, 2003:</b><br>
<P>
<ul>
<li>Updated MAC-VLAN code and completed testing. Based on Alex Zeffertt's
work but much has been re-written and he cannot be held responsible!
Please send all bug reports to the VLAN mailing list. The Candela Technologies unified
patch is the thing to apply now, and it contains various other not-necessarily-VLAN
related bits and pieces.
</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.1.7m.tar.gz">Release 1.7m (gz)</a> For Kernel: 2.4.14+ Feb 27, 2003:</b><br>
<P>
<ul>
<li>Added Alex Zeffertt's MAC-based VLAN code. Not fully functional
yet (mostly because I broke his original work...gonna fix it up
soon. Grab & use his raw patch* files in the meantime.
</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.1.7.tar.gz">Release 1.7 (gz)</a> For Kernel: 2.4.14+ Feb 27, 2003:</b><br>
<P>
<ul>
<li>Clarified the license for vconfig (GPL). Other small tweaks. </li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.1.6.tar.gz">Release 1.6 (gz)</a> For Kernel: 2.4.14+ March 24, 2002:</b><br>
<P>
<ul>
<li>Removed 2.4 kernel patch: It's in the standard kernel now.</li>
<li>Updated vconfig to fix some compile issues, and enable cross-compilation
to the StrongARM platform (changes should help other cross-compile
attempts too.)</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.1.5.tar.gz">Release 1.5 (gz)</a> For Kernel: 2.4.12-pre5 October 22, 2001:</b><br>
<P>
<ul>
<li>Mostly added other peoples fixes and patches (thanks folks!)</li>
<li>Finally fixed mc-list leakage (Ard van Breemen)</li>
<li>Flush mc-list at vlan-destory (Ard van Breemen)</li>
<li>Add vconfig man page to distribution (Ard van Breemen)</li>
<li>Fix problem with /proc and renaming VLAN devices (af AT devcon D.T net)</li>
<li>Add relatively large change by Nick Eggelston that makes VLAN
devices more transparent to tools like tcpdump and other raw
packet snoopers. This will only be enabled when the REORDER_HDR
flag is set.</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.1.4.tar.gz">Release 1.4 (gz)</a> For Kernel: 2.4.8 August 16, 2001:</b><br>
<P>
<ul>
<li> Code should no longer require /proc interface in order to get at the IOCTLs.
The IOCTLs are now tied to sockets. When using modules, it may auto-load now, too...</li>
<li> Fixed format string error in proc fs display.</li>
<li> Fixed crash bug relating to memory allocation with locks held (we now use GF_ATOMIC)</li>
<li> hard_start_xmit will now grow the packet header if there is not enough headroom. This
may fix an MPLS-over-VLAN problem, though the real solution is to make MPLS allocate
more headroom anyway...</li>
<li> vconfig was changed to use the new IOCTL API, and the old vconfig WILL NOT WORK
with this or any newer patches...</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.1.0.3.tar.gz">Release 1.0.3 (gz)</a> For Kernel: 2.4.7 August 5, 2001:</b><br>
<P>
<ul>
<li> Re-worked code to be more stable and more in-line with what the kernel maintainers
want to see before the VLAN patch is included into the kernel.</li>
<li> One of those requests was to change the default naming scheme to eth0.5, for a VLAN
of VID 5 on eth0. You can over-ride this naming behaviour with the vconfig tool.</li>
<li> There were *NO* changes to the 2.2 series patch, and I don't expect to ever make
any more changes there...</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.1.0.1.tar.gz">Release 1.0.1 (gz)</a> For Kernel: 2.2.18/19, 2.4.3-pre3 April 16, 2001:</b><br>
<P>
<ul>
<li> Incorporated a fix for changing a MAC on a VLAN, it now correctly sets PACKET_HOST.
Thanks to Martin Bokaemper for this one.</li>
<li> The 2.4 series patch should now compile as a module, thanks to a tweak from someone
who's mail I have lost! Anyway, 3 cheers to the un-named coder!</li>
<li> There were *NO* changes to the 2.2 series patch, though I did verify that it seems to
work fine with the 2.2.19 kernel.</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.1.0.0.tar.gz">Release 1.0.0 (gz)</a> For Kernel: 2.2.18, 2.4.0 Jan 14, 2001:</b><br>
<P>
<ul>
<li> Really fixed (and tested) MAC change-ability. When you set the MAC address on
a VLAN, it will also attempt to set the underlying device to PROMISCious mode
(otherwise, the VLAN will not receive any packets.)</li>
<li> Hashed-device lookup is disabled by default because some people had trouble with
the 'lo' device. Please feel free to re-enable by editing the line in net/core/dev.c
(search for #define BEN_FAST_DEV_LOOKUP).</li>
<li> vconfig should warn when creating VLAN 1, because that VLAN is not compatible with many
switches.</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.0.0.15.tar.gz">Release 0.0.15 (gz)</a> For Kernel: 2.2.18, 2.4.prerelease Dec 31, 2000:</b><br>
<P>
<ul>
<li>Merged most of Matti Aarnio's patches. This means no significant patch to
eth.c now, and will help port VLANs to non-ethernet devices (ie ppp, TokenRing??).</li>
<li> Setting the MAC address should work now..I think it was broken before.</li>
<li> Miscellaneous code re-organization to make patches to existing files smaller.</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.0.0.14.tar.gz">Release 0.0.14 (gz)</a> For Kernel: 2.2.17, 2.4.pre9 Oct 26, 2000:</b><br>
<P>
This code seems pretty stable.
<ul>
<li>Removed vlan-space-per-machine, so vlan-space-per-NIC is mandatory now.</li>
<li>DHCP might work now, as I've added support for encapsulating regular ethernet
frames if they are sent to the vlan driver.</li>
<li>Fixed up the name/index hashing stuff to handle changing the name on a device.</li>
<li>Took out default VID & default priority, as their usefullness was in question,
and the code was broken anyway.</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.0.0.13.tar.gz">Release 0.0.13 (gz)</a> For Kernel: 2.2.17, 2.4.pre9 Oct 11, 2000:</b><br>
<center><b>KNOWN TO BE BUSTED, here for posterity's sake.</b></center>
<P>
<ul>
<li>Added support for MULTICAST to the VLAN devices. Thanks to
<a href="http://vlan.sourceforge.net" target=_top>Gleb & Co</a> for most of
that code.</li>
<li>Added the ability to set the MAC address on the VLAN. For now, you'll either need
to set your Ethernet NIC into PROMISC mode, or maybe figure out some multi-cast
ethernet address to set on the NIC. This has not been tested well at all.</li>
<li>Added a hashed device-name lookup scheme. This greatly speeds up ifconfig -a.
I was able to run an ifconfig -a in 20 seconds on a Celeron 500, with 4000
vlan devices configured!!</li>
<li>Added vlan_test.pl to help me find dumb bugs. Feel free to make this much
more powerful, and send the code back to me!</li>
<li>vconfig.c has been converted to C code now, instead of C++. Thanks to MATHIEU.</li>
<li>Significantly cleaned up the code w/out decreasing any useful functionality,
I believe.</li>
<li>Removed the DHCP stuff from the VLAN distribution.</li>
</ul>
</li>
<P>
<li> <b><a href="vlan/vlan.0.0.12.tar.gz">Release 0.0.12 (gz)</a> For Kernel: 2.2.16, 2.4.pre7 August 27, 2000:</b><br>
Added ability to re-order the VLAN packet so that it looks like a real ethernet
packet for the ingress pathway. This should help DHCP and other programs that insist
on reading the raw buffer and then make assumptions about byte offsets. I don't have
a good way to test this fully, so consider it experimental :) This behavior can be
changed at run-time, and is set on a per-VLAN basis. The default is NOT to reorder the
header, which has been the only behavior up untill this point. The <tt>vconfig</tt>
program can set/clear the flag, by using a VLAN IOCTL. You can read the flag's value
from the /proc/net/vlan/vlan* files.
<P>
You can also set a default priority on a NON-VLAN device. This priority will only
be used when the default_VID for the device is set as well. This priority won't
be mapped anywhere, just copied straight into the skb->priority. It is a uint16.
<P>
The 2.3 patch is now the 2.4 patch, and it has been tested against 2.4.pre7.
</li>
<P>
<li> <b><a href="vlan/vlan.0.0.11.tar.gz">Release 0.0.11 (gz)</a> For Kernel: 2.2.13/14, 2.3.99 April 23, 2000:</b><br>
Added real support for PRIORITY. Through IOCTL calls (see the vconfig program), you can set
explicit ingress and egress mappings to/from the VLAN QOS bits and the sk_buff->priority
field. This is not tested very well, as I don't know much about how people really use the
priority field... Took out the round-robin aggretation that went in in rls 0.10, as it was
mainly just a hack, and doing link aggregation at a lower level and then putting VLAN on
top of that virtual device probably makes more sense. The vconfig program changed to support
the new features..here's it's new usage:<br>
<pre>
Usage: add [interface-name] [vlan_id]
rem [vlan-name]
set_dflt [interface-name] [vlan_id]
add_port [port-name] [vlan_id]
rem_port [port-name] [vlan_id]
set_egress_map [vlan-name] [skb_priority] [vlan_qos]
set_ingress_map [vlan-name] [skb_priority] [vlan_qos]
set_name_type [name-type]
set_bind_mode [bind-type]
* The [interface-name] is the name of the ethernet card that hosts
the VLAN you are talking about.
* The port-name is the name of the physical interface that a VLAN
may be attached to.
* The vlan_id is the identifier (0-4095) of the VLAN you are operating on.
* skb_priority is the priority in the socket buffer (sk_buff).
* vlan_qos is the 3 bit priority in the VLAN header
* name-type: VLAN_PLUS_VID (vlan0005), VLAN_PLUS_VID_NO_PAD (vlan5),
DEV_PLUS_VID (eth0.0005), DEV_PLUS_VID_NO_PAD (eth0.5)
* bind-type: PER_DEVICE # Allows vlan 5 on eth0 and eth1 to be unique.
PER_KERNEL # Forces vlan 5 to be unique across all devices.
</pre>
<P>
The 2.3 patches have been ported foward to 2.3.99, thanks to Patrick for the vlanproc.c
updates!
</li>
<P>
</ul><hr>
<P>
<center><h3>
<a name="setup">VLAN Setup and Configuration</a></h3></center>
To get started, you will want to download the latest vlan.X.X.tar.gz
file (to your $HOME directory.) Unpack it with your favorite commands, for
example: <tt> tar -xvzf vlan.1.6.tar.gz </tt>
<a name="cvs_setup">Alternatively, you can get it from the CVS Repository using something like this:</a><br>
<ol>
<li> Install and configure
<a href="http://www.loria.fr/~molli/cvs-index.html">cvs</a>
on your machine.</li>
<li> Specify the vlan repository:<br>
<b>export CVSROOT=:pserver:anonymous@ns1.wanfear.com:/home/cvs/vlan</b>
</li>
<li> Log in to the repository:<br>
<b>cvs login (PASSWORD: anonymous)</b>
</li>
<li> Check out the source:<br>
<b> mkdir vlan; cd vlan; cvs -z3 checkout vlan</b>
</li>
</ol>
<P>
Now, you should have a vlan directory in your home directory. You only have
to patch the kernel if you are using Linux 2.4.14 or earlier. Now,
read the README or other docs to figure out what kernel it patches against.
A list of mirrors are kept at <a href=http://www.kernel.org>www.kernel.org</a>.
Unzip and un-tar this in your home directory as well, which should
create a linux directory in your $HOME directory. Example:<tt>
tar -xvzf linux-2.2.14.tar.gz</tt><P>
Now add the VLAN kernel changes to the kernel if your kernel requires it. I finally figured
out how to do patches that diff can handle (I think I did it right at least!). You
will find the patch in the vlan directory. It will be called: vlan.patch,
or something equally straight-foward. Apply the patch to your kernel:<p>
<tt>cd $HOME/linux<br>
patch -p 1 < $HOME/vlan/[vlan.patch]</br>
</tt>
<P>
Your new, patched, kernel should be in your INCLUDE path before trying to
compile the vconfig program. One way to get things working is to link $HOME/linux
to the 'linux' directory that you just un-zipped and patched. A command might
be something like:
<tt>cd $HOME; ln -s /home/greear/kernel/2.4/linux.dev linux</tt>
<P>
Build the vconfig program in the $HOME/vlan directory:<br>
<tt>cd $HOME/vlan<br>
make<br>
</tt>
<P>
Now, time to compile your new kernel! Use the <tt>make xconfig</tt>
command in your $HOME/linux directory to select your kernel options. The
option related to 802.1Q VLANs is found under the <b>Networking options</b>.
If the option is not highlighted, make sure you select "Experimental Drivers"
in one of the first xconfig menus.
<P>
Assuming your kernel compiled cleanly (yell if it didn't and you think my
code broke it!!), you are now ready to try it out!! Install your kernel
in the normal manner (fix up your <tt>/etc/lilo.conf</tt> file appropriately and
run <tt>lilo</tt> as root.) Reboot your computer and choose your new kernel.
<P>
As your computer comes back to life, there will be little sign that you are
now 802.1Q capable, other than a line spit out during the boot process.
There should be a config programs in your $HOME/vlan
directory: <tt>vconfig</tt>. <b>vconfig</b> is used
to create and destroy VLAN devices. So, lets create a VLAN device on your
first ethernet NIC. vconfig<return> will list a short spiel on how to
use it. The vconfig command I usually use is:
<P>
<tt>vconfig add eth0 5</tt>
<P>
This attempts to create a VLAN device with VLAN-ID of 5 on the eth0 device.
If you want to delete a VLAN, use something like:
<P>
<tt>vconfig rem eth0.5</tt>
<P>
You will also need to give it an ip, eg: <tt>ifconfig -i eth0.5 192.168.2.1</tt><br>
and configure it UP: <tt>ifconfig -i eth0.5 up</tt>
<P>
<b>NOTE:</b> You can get lots of VLAN related configuration information from
the <b>/proc/net/vlan/*</b> files by using 'cat' or 'more' to look at them.
<P>
Please get in contact with me if you have suggestions, patches, or other
comments.
<P>
<hr>
<address><a href="mailto:greearb@candelatech.com">greearb@candelatech.com</a>
<a target=_top href="index.html">Ben Greear's Home Page</a></address>
<!-- Created: Sat Jan 30 18:27:28 MST 1999 -->
<!-- hhmts start -->
Last modified: Tue Sep 30 14:16:14 PDT 2003
<!-- hhmts end -->
</body>
</html>