View previous topic :: View next topic |
Author |
Message |
yzh n00b
Joined: 25 Feb 2011 Posts: 53
|
Posted: Thu Nov 08, 2012 8:30 pm Post subject: Untagged VLAN traffic |
|
|
Hi,
Is there a way to strip off all frames that have a VLAN tag, so leaving only the untagged frames on an interface? |
|
Back to top |
|
|
rolypoly Tux's lil' helper
Joined: 30 Nov 2003 Posts: 143
|
Posted: Fri Nov 09, 2012 12:22 am Post subject: |
|
|
Set the switch port to be an access port instead of a trunk port? |
|
Back to top |
|
|
yzh n00b
Joined: 25 Feb 2011 Posts: 53
|
Posted: Fri Nov 09, 2012 10:45 am Post subject: |
|
|
I have no control of the switch
I was hoping I could create a VLAN on the interface with vlan id 0. which would also match untagged traffic. But sadly this is not the case.
If I recall correctly, in older kernel versions (2.6.x?) the interface was always untagged traffic unless you defined a VLAN. |
|
Back to top |
|
|
rolypoly Tux's lil' helper
Joined: 30 Nov 2003 Posts: 143
|
Posted: Sat Nov 10, 2012 2:25 am Post subject: |
|
|
I think you'll find that if you are connected to a trunk port, all incoming packets will be tagged - otherwise you wouldn't receive them because the switch port wouldn't forward them. If the switch port has a native VLAN then you don't have to tag packets leaving your PC as they will be tagged with the native VLAN.
If you're connected to an access port the packets you receive won't be tagged anyway as the switch will remove them.
I don't think you can do what you're trying to achieve, by design. |
|
Back to top |
|
|
yzh n00b
Joined: 25 Feb 2011 Posts: 53
|
Posted: Sat Nov 10, 2012 1:03 pm Post subject: |
|
|
I forgot to mention that the incoming traffic is from a monitoring port, it's used to capture and monitor the traffic.
I have found a way to strip off all VLAN tags, using ebtables and a bridge.
network setup using /etc/conf.d/net:
Code: | # create interface eth0.ut (will be untagged traffic of eth0, using ebtables)
bridge_eth0_ut="eth0"
brctl_eth0_ut="setageing 0 setfd 0 stp off"
config_eth0_ut="null"
rc_need_eth0_ut="net.eth0"
# create interface eth0.1 that will have all vlan 1 traffic, but stripped
config_eth0="null"
config_eth0_1="null"
vlans_eth0="1" |
ebtables rule:
Code: | ebtables -t broute -A BROUTING -p 802_1Q -i eth0 -j DROP |
This will result in:
- eth0: original traffic (mixed vlan)
- eth0.ut: all untagged traffic
- eth0.1: all traffic with vlan-id 1, but stripped
Now I can bond eth0.ut and eth0.1 together to get a clean network stream.
I tried to find a better solution, but I guess this will do for now |
|
Back to top |
|
|
|