Port based VLAN
Matthew Seaman
m.seaman at infracaninophile.co.uk
Wed Dec 22 14:18:32 UTC 2010
On 22/12/2010 11:15, Indexer wrote:
> Hi,
>
> I plan to make a FreeBSD based router sometime soon. I would like to be able to do port based vlanning on the router, so that a client computer that plugs into that socket is "dumb" to the vlans' existance.
>
> IE
>
> em0 - untagged
> em1 - vlan 1
> em2 - vlan 2
>
> Is what i want to achieve (as a simple example). This way i can use unmanaged switches on em2, and all clients behind that are to the router on vlan2
>
> How does one go about this on freebsd.
>
In /etc/rc.conf:
ifconfig_em1="up -vlanhwtag" # You may or may not want hwtag -- try both
vlans_em1="vlan1"
ifconfig_em2='up -vlanhwtag"
vlans_em2="vlan2"
create_args_vlan1="vlan 1"
ipv4_addrs_vlan1="192.168.12.34/24"
create_args_vlan2="vlan 2"
ipv4_addrs_vlan2="192.168.56.78/24"
The em0 i/f should be configured as usual. This will create virtual
interfaces vlan1 and vlan2 which you can apply firewall rules to etc.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matthew at infracaninophile.co.uk Kent, CT11 9PW
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20101222/baa7c6d1/signature.pgp
More information about the freebsd-questions
mailing list