802.1Q questions

Archived from groups: comp.dcom.lans.ethernet (More info?)

Hi,

My Internet Access Provider has a citywide optical Ethernet, using
802.1Q VLANS. Basically, they've taken each IP address range they
have, subclassed them and tied each of the subclassed address ranges
to its own VLAN. For better or worse, this is my environment.

Now that we are getting 5 new sub-class-C address spaces, I need to
be able to work with our providers 802.1Q tagging. I got a decent
switch with an ssh and https management interface, so now I have to
figure out how to make this thing work.

Unfortunately, I haven't really been able to google up definitive
information on how to go about implementing this, and we don't feel
like paying the access providers slightly exorbitant consulting fees.

From what sources I've been able to find, I know for sure I can have
my web servers (Linux-based, Intel PRO/100 Nics) handle 802.1Q tagged
frames, incoming and outgoing. Is it also true that I can have the
switch strip out and add the 802.1Q tags as needed? If so, this would
seem like a bit less work.

Can anyone point me towards good information on this stuff? I fell
asleep reading the IEEE standard ... ;)

--
Christopher L. Everett

Chief Technology Officer www.medbanner.com
MedBanner, Inc. www.physemp.com
3 answers Last reply
More about questions
  1. Archived from groups: comp.dcom.lans.ethernet (More info?)

    In article <cqd2uf$f1o$1@news.netins.net>,
    Christopher L. Everett <ceverett@ceverett.com> wrote:
    :Now that we are getting 5 new sub-class-C address spaces, I need to
    :be able to work with our providers 802.1Q tagging.

    :Is it also true that I can have the
    :switch strip out and add the 802.1Q tags as needed?

    Usually, but not universally so. For example some of the older
    IOS releases for some of the Cisco products allow passing through
    of trunks, but do not allow access ports to place traffic into those
    trunks.

    You didn't mention your switch model or software version, so I'm
    not going to make guesses about what -exactly- you have to do in
    order to set ports to untag vlans on egress and tag into the vlan
    on ingress. It is very common to be able to do this, but different
    vendors do it in different ways and sometimes use different
    terminology.
    --
    IEA408I: GETMAIN cannot provide buffer for WATLIB.
  2. Archived from groups: comp.dcom.lans.ethernet (More info?)

    Walter Roberson wrote:
    > You didn't mention your switch model or software version,

    SMC 6724AL2, firmware version 2.0.5.0.

    The price was right, the documentation leaves a lot to be desired.

    > so I'm
    > not going to make guesses about what -exactly- you have to do in
    > order to set ports to untag vlans on egress and tag into the vlan
    > on ingress. It is very common to be able to do this, but different
    > vendors do it in different ways and sometimes use different
    > terminology.

    It would be nice, but not necessary to have a recipe. But I badly
    need a general idea of how to proceed.
  3. Archived from groups: comp.dcom.lans.ethernet (More info?)

    In article <cqdgne$p14$1@news.netins.net>,
    ceverett <ceverett@ceverett.com> wrote:

    [re: stripping 802.1Q tags]

    :SMC 6724AL2, firmware version 2.0.5.0.

    Looks like they pretty much stole the CLI from Cisco.


    Page 2-115 of the management manual.

    e.g. [taken from the documentation]

    vlan database
    vlan 2 name R&D media ethernet state active
    end

    interface ethernet 1/1
    switchport allowed vlan add 2 tagged

    interface ethernet 1/2
    switchport allowed vlan add 2 untagged


    The first part creates the vlan and activates it. Use the VLAN numbers
    your ISP gives you. The 'name' is expected to be a single 'word', but
    you can probably use a double-quoted string there. You might as well
    create all your vlans first.

    The second part tells the switch that you want interface ethernet 1/1
    to be a tagged member of vlan 2. Repeat the 'add' command for all
    vlans your ISP is providing to you, on the interface that you are going
    to connect to your WAN.

    The third part tells the switch that you want interface ethernet 1/2
    to be an untagged member of vlan 2. This would mean that any packets
    received for VLAN 2 will be sent out the port, but that the 802.1Q tag
    will be stripped off before the packets are sent. Conversely, when
    any packet comes in to the port, the switch will tag it with vlan #2
    and will then direct it to all the appropriate places that are part of
    vlan #2. This is thus the mechanism you use to break the ISP supplied
    vlans out for particular hosts: you attach the host to a port, and
    you set the port to be an untagged member of the VLAN corresponding to
    the IP range the port should be in.
    --
    History is a pile of debris -- Laurie Anderson
Ask a new question

Read More

Internet Access Ethernet Card Networking Product