1

I am working on inserting VLAN tags for some client MACs on outgoing packets via the native VLAN. I have tried nh_hooks IN, OUT and FORWARD but didn't get any success.

What I want is either to add a tag to a packet from a client on the native VLAN and then send it via the same VLAN, or, if that is possible, to forward a native VLAN packet from some client, based on its MAC, to a tagged VLAN interface.

Any suggestions on netlink code or kernel-level code? Or is it possible to do that via ebtables based on MAC?

Raheel
  • Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. – jww Nov 30 '17 at 06:04

2 Answers

0

VLAN tagging in Linux is accomplished by using subinterfaces, e.g. `ip link add link eth0 name eth0.8 type vlan id 8` adds tagged VID 8 to eth0, creating the eth0.8 subinterface.

The native VLAN is the one that's not tagged on a trunk/port, so its VLAN ID elsewhere depends on whether and how the trunk endpoints (switches) tag the frames when forwarding.

On a VLAN trunk, the VID in the tag is the VLAN the frame is running in.

Zac67
  • Actually, what I want to do is this: one client's packets are coming in at the bridge interface with eth0, which we call br-wan. I want to forward packets for that client from br-wan to br-vlan_8, which is the bridge interface for eth0.8. Is it possible to do that? I want that specific client to be tagged, but its packets are coming in at the bridge interface of eth0. My VLAN interface is already created. – Raheel Nov 30 '17 at 12:21
  • Of course this is possible, but most probably you need to create/use an appropriate subinterface. Depending on what exactly you need this for, it may be easier to just use two switch ports for tagging (port 1 uses VLAN 8 untagged, port 2 tagged). – Zac67 Nov 30 '17 at 19:52
0

PC1 ---[SW1] ----[SW2] -----[SW3] ----PC3

[SW2] ---> PC2 (SW2 also connects to PC2).

Assume SW2 is a non-IEEE 802.1Q switch that does not support VLANs. SW1 and SW3 do support them. All PCs are in VLAN 10.

SW1/SW3 will send VLAN 10 packets on the trunk port as untagged packets so that PC2 can understand them. When SW1/SW3 receive any frame, they will classify it as VLAN 10. The default native VLAN is VLAN 1.

1st mistake in the question: native VLAN frames/packets are sent and received untagged (no 4-byte VLAN header).

If I understand it correctly, forwarding an untagged native VLAN to a tagged VLAN would mean configuring SW1's native VLAN to be VLAN 10 and SW3's native VLAN to be VLAN 30. PC3 is in VLAN 30. VLAN 10 will get translated to VLAN 30.

So VLAN 10 at PC1 is the same as the untagged frame at PC2 and VLAN 30 at PC3.

Cisco Mmu
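
What the 4-byte VLAN header mentioned in the answers looks like on the wire, as an added example that is not code from either answer: a Python function that inserts an 802.1Q tag into untagged frames from selected source MACs and leaves all other frames on the native (untagged) VLAN. The MAC addresses, the `MAC_TO_VID` policy and the sample frames are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

# Constructed policy: client source MAC -> VLAN ID to tag with (hypothetical values)
MAC_TO_VID = {bytes.fromhex("02aabbccdd01"): 8}


def tag_frame(frame: bytes, mac_to_vid=MAC_TO_VID, pcp: int = 0) -> bytes:
    """Return the frame with an 802.1Q tag inserted if its source MAC is in the policy."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype == TPID_8021Q:
        return frame  # already tagged: do not stack a second tag
    vid = mac_to_vid.get(src)
    if vid is None:
        return frame  # not a selected client: stays untagged (native VLAN)
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be 1..4094")
    tci = (pcp & 0x7) << 13 | vid  # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
    tag = struct.pack("!HH", TPID_8021Q, tci)
    # The tag sits between the source MAC and the original EtherType
    return dst + src + tag + frame[12:]


def vlan_of(frame: bytes):
    """Return the VID carried in the frame's tag, or None if the frame is untagged."""
    if len(frame) >= 18 and frame[12:14] == struct.pack("!H", TPID_8021Q):
        return struct.unpack("!H", frame[14:16])[0] & 0x0FFF
    return None


# Constructed sample frames: broadcast destination, IPv4 EtherType, dummy payload
SELECTED = bytes.fromhex("ffffffffffff" "02aabbccdd01" "0800") + b"\x00" * 46
OTHER = bytes.fromhex("ffffffffffff" "02aabbccdd02" "0800") + b"\x00" * 46

if __name__ == "__main__":
    for name, f in (("selected", SELECTED), ("other", OTHER)):
        out = tag_frame(f)
        print(name, len(f), "->", len(out), "bytes, VID", vlan_of(out))
```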