![首頁 Logo Keith ]p !!](/themes/mytheme/logo.png){kind=logo}
最後更新: 2016-03-07
介紹
VLAN 即 Virtual LAN, 普遍標準是 IEEE 802.1Q
Frame 的結構
Preamble|SFD|Dst MAC addr|Src MAC addr| a four-byte VLAN tag |Type| ...Native VLAN: VLAN 1 (什麼都沒設定時就是在 VLAN 1)
有效 VLAN ID: 2 ~ 4094
VLAN Tag
- TPID(16 bit) protocol identifier (8100)
- CFI(1 bit) 0 (default) - The MAC addresses are encapsulated in the standard format.
- Priority(3 bit) identifies the 802.1p priority of the frame.
- VLAN ID(12 bit) 0 to 4095. 0 and 4095 are reserved
Vlan 與 Subnet
習慣把不同的 Subnet 分配給不同的 VLAN
i.e.
VLAN 10 192.168.10.0/24 VLAN 20 192.168.20.0/24
術語
Native VLAN
* Trunk Link 兩邊 Interface 的 Native VLAN 必需相同 (Default 1)
PVID
Untagged packets received on a port are considered as the packets from the port PVID.
An access port can join only one VLAN. The VLAN to which the access port belongs is the PVID of the port.
Trunk Port
Switch-1(Trunk Port) --- (Trunk Port)Switch-2
Allowed VLAN
只讓特定的 VLAN 通過 Trunk Port
Linux 上的 VLAN(802.1Q)
# Load kernel module
modinfo 8021q
modprobe 8021q
# 建立 vlan
ip link add link eth0 name eth0.100 type vlan id 100
# vlan info
# -d, -details
ip -d link show eth0.100
3: eth0.100@eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT link/ether 52:54:31:34:7c:98 brd ff:ff:ff:ff:ff:ff promiscuity 0 vlan protocol 802.1Q id 100 <REORDER_HDR> addrgenmode eui6
# 設定 IP
ip addr add 192.168.100.2/24 dev eth0.100
# Default 它是 DOWN 的
ip link set eth0.100 up
# 用完後, 可以 Delete 它
ip link delete eth0.100
