Changes between Version 3 and Version 4 of TipAndDoc/Linux/OpenWRT/vlan


Ignore:
Timestamp:
May 1, 2013 1:14:02 AM (11 years ago)
Author:
mitty
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • TipAndDoc/Linux/OpenWRT/vlan

    v3 v4  
    494494                                                        eth1 
    495495}}} 
     496 
     497 == Bridging eth1 to VLAN network == 
     498 * 基本的なコンセプトは wiki:TipAndDoc/network/vlan#BridgingVLAN の概念図を参照 
     499  
     500 * AG300H:/etc/config/network 
     501{{{ 
     502config interface 'lan' 
     503        option ifname 'eth0.0' 
     504        option proto 'static' 
     505        option netmask '255.255.255.0' 
     506        option ipaddr '192.168.0.1' 
     507 
     508config interface 'onu' 
     509        option ifname 'eth0.2 eth1' 
     510        option type 'bridge' 
     511        option proto 'none' 
     512        option auto '1' 
     513 
     514config interface 'wan' 
     515        option ifname 'br-onu' 
     516        option proto 'pppoe' 
     517 
     518config switch 
     519        option name 'eth0' 
     520        option reset '1' 
     521        option enable_vlan '1' 
     522 
     523config switch_vlan 
     524        option device 'eth0' 
     525        option vlan '0' 
     526        option ports '0 1 2 3 4' 
     527 
     528config switch_vlan 
     529        option device 'eth0' 
     530        option vlan '2' 
     531        option ports '0t 1t 2t 3t 4t' 
     532}}} 
     533 * 以下の様なネットワークになる[[br]][[Image(br-onu-vlan-2.png,33%)]] 
     534  * [前述の通り、NAPTによってPPPoEに抜けるには{{{eth0}}}ではなく{{{eth0.0}}}を指定する点に注意 
     535  * mitty@AG300H:~$ ifconfig 
     536{{{ 
     537br-onu    Link encap:Ethernet  HWaddr 00:24:XX:YY:ZZ:74 
     538 
     539eth0      Link encap:Ethernet  HWaddr 00:24:XX:YY:ZZ:74 
     540 
     541eth0.0    Link encap:Ethernet  HWaddr 00:24:XX:YY:ZZ:74 
     542          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0 
     543 
     544eth0.2    Link encap:Ethernet  HWaddr 00:24:XX:YY:ZZ:74 
     545 
     546eth1      Link encap:Ethernet  HWaddr 00:24:XX:YY:ZZ:76 
     547 
     548pppoe-wan Link encap:Point-to-Point Protocol 
     549          inet addr:114.159.64.161  P-t-P:118.23.8.36  Mask:255.255.255.255 
     550}}} 
     551  * mitty@AG300H:~$ brctl show 
     552{{{ 
     553bridge name     bridge id               STP enabled     interfaces 
     554br-onu          8000.0024xxyyzz74       no              eth0.2 
     555                                                        eth1 
     556}}} 
     557  * mitty@vlan-node:~$ ifconfig 
     558{{{ 
     559eth0      Link encap:Ethernet  HWaddr 00:16:3e:c9:70:da 
     560          inet addr:192.168.0.166  Bcast:192.168.0.255  Mask:255.255.255.0 
     561 
     562eth0.2    Link encap:Ethernet  HWaddr 00:16:3e:c9:70:da 
     563          inet6 addr: 2408:211:c083:6a00:a9b0:b00:786e:d38/64 Scope:Global 
     564          inet6 addr: 2408:211:c083:6a00:216:3eff:fec9:70da/64 Scope:Global 
     565}}} 
     566 
     567 === check connection with untagged packet == 
     568 * mitty@vlan-node:~$ ping 8.8.8.8 -c 2 
     569{{{ 
     570PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 
     57164 bytes from 8.8.8.8: icmp_req=1 ttl=55 time=9.06 ms 
     57264 bytes from 8.8.8.8: icmp_req=2 ttl=55 time=8.42 ms 
     573 
     574--- 8.8.8.8 ping statistics --- 
     5752 packets transmitted, 2 received, 0% packet loss, time 1001ms 
     576rtt min/avg/max/mdev = 8.424/8.742/9.060/0.318 ms 
     577}}} 
     578 
     579 * mitty@vlan-node:~$ sudo tcpdump -e -n -i eth0 icmp or icmp6 
     580{{{ 
     58100:08:01.470667 00:16:3e:c9:70:da > 00:24:xx:yy:zz:74, ethertype IPv4 (0x0800), length 98: 192.168.0.166 > 8.8.8.8: ICMP echo request, id 543, seq 1, length 64 
     58200:08:01.479684 00:24:xx:yy:zz:74 > 00:16:3e:c9:70:da, ethertype IPv4 (0x0800), length 98: 8.8.8.8 > 192.168.0.166: ICMP echo reply, id 543, seq 1, length 64 
     58300:08:02.471963 00:16:3e:c9:70:da > 00:24:xx:yy:zz:74, ethertype IPv4 (0x0800), length 98: 192.168.0.166 > 8.8.8.8: ICMP echo request, id 543, seq 2, length 64 
     58400:08:02.480355 00:24:xx:yy:zz:74 > 00:16:3e:c9:70:da, ethertype IPv4 (0x0800), length 98: 8.8.8.8 > 192.168.0.166: ICMP echo reply, id 543, seq 2, length 64 
     585}}} 
     586 
     587 * mitty@AG300H:~$ sudo tcpdump -e -n -i eth0 icmp or icmp6 
     588{{{ 
     58900:08:01.470621 00:16:3e:c9:70:da > 00:24:xx:yy:zz:74, ethertype IPv4 (0x0800), length 98: 192.168.0.166 > 8.8.8.8: ICMP echo request, id 543, seq 1, length 64 
     59000:08:01.479326 00:24:xx:yy:zz:74 > 00:16:3e:c9:70:da, ethertype IPv4 (0x0800), length 98: 8.8.8.8 > 192.168.0.166: ICMP echo reply, id 543, seq 1, length 64 
     59100:08:02.471803 00:16:3e:c9:70:da > 00:24:xx:yy:zz:74, ethertype IPv4 (0x0800), length 98: 192.168.0.166 > 8.8.8.8: ICMP echo request, id 543, seq 2, length 64 
     59200:08:02.479991 00:24:xx:yy:zz:74 > 00:16:3e:c9:70:da, ethertype IPv4 (0x0800), length 98: 8.8.8.8 > 192.168.0.166: ICMP echo reply, id 543, seq 2, length 64 
     593}}} 
     594 
     595 === check connection with tagged packet === 
     596 * mitty@vlan-node:~$ ping6 flets-east.jp -c 2 
     597{{{ 
     598PING flets-east.jp(2404:1a8:ff06::1) 56 data bytes 
     59964 bytes from 2404:1a8:ff06::1: icmp_seq=1 ttl=57 time=4.42 ms 
     60064 bytes from 2404:1a8:ff06::1: icmp_seq=2 ttl=57 time=4.79 ms 
     601 
     602--- flets-east.jp ping statistics --- 
     6032 packets transmitted, 2 received, 0% packet loss, time 1001ms 
     604rtt min/avg/max/mdev = 4.425/4.611/4.798/0.198 ms 
     605}}} 
     606 
     607 * mitty@AG300H:~$ sudo tcpdump -e -n -i eth0 icmp or icmp6 
     608{{{ 
     60900:12:11.795479 00:16:3e:c9:70:da > 00:12:e2:70:52:04, ethertype 802.1Q (0x8100), length 122: vlan 2, p 0, ethertype IPv6, 2408:211:c083:6a00:a9b0:b00:786e:d38 > 2404:1a8:ff06::1: ICMP6, echo request, seq 1, length 64 
     61000:12:11.799675 00:12:e2:70:52:04 > 00:16:3e:c9:70:da, ethertype 802.1Q (0x8100), length 122: vlan 2, p 0, ethertype IPv6, 2404:1a8:ff06::1 > 2408:211:c083:6a00:a9b0:b00:786e:d38: ICMP6, echo reply, seq 1, length 64 
     61100:12:12.797123 00:16:3e:c9:70:da > 00:12:e2:70:52:04, ethertype 802.1Q (0x8100), length 122: vlan 2, p 0, ethertype IPv6, 2408:211:c083:6a00:a9b0:b00:786e:d38 > 2404:1a8:ff06::1: ICMP6, echo request, seq 2, length 64 
     61200:12:12.801717 00:12:e2:70:52:04 > 00:16:3e:c9:70:da, ethertype 802.1Q (0x8100), length 122: vlan 2, p 0, ethertype IPv6, 2404:1a8:ff06::1 > 2408:211:c083:6a00:a9b0:b00:786e:d38: ICMP6, echo reply, seq 2, length 64 
     613}}} 
     614 
     615 * mitty@vlan-node:~$ sudo tcpdump -e -n -i eth0 icmp or icmp6 
     616{{{ 
     61700:12:11.793550 00:16:3e:c9:70:da > 00:12:e2:70:52:04, ethertype 802.1Q (0x8100), length 122: vlan 2, p 0, ethertype IPv6, 2408:211:c083:6a00:a9b0:b00:786e:d38 > 2404:1a8:ff06::1: ICMP6, echo request, seq 1, length 64 
     61800:12:11.797929 00:12:e2:70:52:04 > 00:16:3e:c9:70:da, ethertype 802.1Q (0x8100), length 122: vlan 2, p 0, ethertype IPv6, 2404:1a8:ff06::1 > 2408:211:c083:6a00:a9b0:b00:786e:d38: ICMP6, echo reply, seq 1, length 64 
     61900:12:12.795197 00:16:3e:c9:70:da > 00:12:e2:70:52:04, ethertype 802.1Q (0x8100), length 122: vlan 2, p 0, ethertype IPv6, 2408:211:c083:6a00:a9b0:b00:786e:d38 > 2404:1a8:ff06::1: ICMP6, echo request, seq 2, length 64 
     62000:12:12.799942 00:12:e2:70:52:04 > 00:16:3e:c9:70:da, ethertype 802.1Q (0x8100), length 122: vlan 2, p 0, ethertype IPv6, 2404:1a8:ff06::1 > 2408:211:c083:6a00:a9b0:b00:786e:d38: ICMP6, echo reply, seq 2, length 64 
     621}}} 
     622 
     623 * 期待通り、VLANを通してONU側のNTT NGN網へ抜けている