Sign in with
Sign up | Sign in
Your question

802.1Q questions

Last response: in Networking
Share
Anonymous
December 22, 2004 9:19:27 PM

Archived from groups: comp.dcom.lans.ethernet (More info?)

Hi,

My Internet Access Provider has a citywide optical Ethernet, using
802.1Q VLANS. Basically, they've taken each IP address range they
have, subclassed them and tied each of the subclassed address ranges
to its own VLAN. For better or worse, this is my environment.

Now that we are getting 5 new sub-class-C address spaces, I need to
be able to work with our providers 802.1Q tagging. I got a decent
switch with an ssh and https management interface, so now I have to
figure out how to make this thing work.

Unfortunately, I haven't really been able to google up definitive
information on how to go about implementing this, and we don't feel
like paying the access providers slightly exorbitant consulting fees.

From what sources I've been able to find, I know for sure I can have
my web servers (Linux-based, Intel PRO/100 Nics) handle 802.1Q tagged
frames, incoming and outgoing. Is it also true that I can have the
switch strip out and add the 802.1Q tags as needed? If so, this would
seem like a bit less work.

Can anyone point me towards good information on this stuff? I fell
asleep reading the IEEE standard ... ;) 

--
Christopher L. Everett

Chief Technology Officer www.medbanner.com
MedBanner, Inc. www.physemp.com

More about : 802 questions

Anonymous
December 23, 2004 4:12:23 AM

Archived from groups: comp.dcom.lans.ethernet (More info?)

In article <cqd2uf$f1o$1@news.netins.net>,
Christopher L. Everett <ceverett@ceverett.com> wrote:
:Now that we are getting 5 new sub-class-C address spaces, I need to
:be able to work with our providers 802.1Q tagging.

:Is it also true that I can have the
:switch strip out and add the 802.1Q tags as needed?

Usually, but not universally so. For example some of the older
IOS releases for some of the Cisco products allow passing through
of trunks, but do not allow access ports to place traffic into those
trunks.

You didn't mention your switch model or software version, so I'm
not going to make guesses about what -exactly- you have to do in
order to set ports to untag vlans on egress and tag into the vlan
on ingress. It is very common to be able to do this, but different
vendors do it in different ways and sometimes use different
terminology.
--
IEA408I: GETMAIN cannot provide buffer for WATLIB.
Anonymous
December 23, 2004 4:12:24 AM

Archived from groups: comp.dcom.lans.ethernet (More info?)

Walter Roberson wrote:
> You didn't mention your switch model or software version,

SMC 6724AL2, firmware version 2.0.5.0.

The price was right, the documentation leaves a lot to be desired.

> so I'm
> not going to make guesses about what -exactly- you have to do in
> order to set ports to untag vlans on egress and tag into the vlan
> on ingress. It is very common to be able to do this, but different
> vendors do it in different ways and sometimes use different
> terminology.

It would be nice, but not necessary to have a recipe. But I badly
need a general idea of how to proceed.
Anonymous
December 23, 2004 8:43:12 AM

Archived from groups: comp.dcom.lans.ethernet (More info?)

In article <cqdgne$p14$1@news.netins.net>,
ceverett <ceverett@ceverett.com> wrote:

[re: stripping 802.1Q tags]

:SMC 6724AL2, firmware version 2.0.5.0.

Looks like they pretty much stole the CLI from Cisco.


Page 2-115 of the management manual.

e.g. [taken from the documentation]

vlan database
vlan 2 name R&D media ethernet state active
end

interface ethernet 1/1
switchport allowed vlan add 2 tagged

interface ethernet 1/2
switchport allowed vlan add 2 untagged


The first part creates the vlan and activates it. Use the VLAN numbers
your ISP gives you. The 'name' is expected to be a single 'word', but
you can probably use a double-quoted string there. You might as well
create all your vlans first.

The second part tells the switch that you want interface ethernet 1/1
to be a tagged member of vlan 2. Repeat the 'add' command for all
vlans your ISP is providing to you, on the interface that you are going
to connect to your WAN.

The third part tells the switch that you want interface ethernet 1/2
to be an untagged member of vlan 2. This would mean that any packets
received for VLAN 2 will be sent out the port, but that the 802.1Q tag
will be stripped off before the packets are sent. Conversely, when
any packet comes in to the port, the switch will tag it with vlan #2
and will then direct it to all the appropriate places that are part of
vlan #2. This is thus the mechanism you use to break the ISP supplied
vlans out for particular hosts: you attach the host to a port, and
you set the port to be an untagged member of the VLAN corresponding to
the IP range the port should be in.
--
History is a pile of debris -- Laurie Anderson
!