If you are monitoring a trunk link with many VLANs you are basically seeing all the traffic plus the VLAN tags I'm dealing quite a lot with VLANs in an enterprise environment and the part I'm not getting here is the "hopping VLANs" part. mh, I think we need to talk about this in person at Brucon. One problem might be me not being a native speaker. .....and sorry for mistaking you for Paul :-) Nils
Am 17.09.2010 16:51, schrieb Robin Wood: > On 17 September 2010 08:09, Nils <[email protected]> wrote: >> I'm still not quite sure what Paul is aiming for but my take on this >> is, just provide a trunk link to the virtual machines and let the >> system's driver take care of the 802.1q tagged packets. Then you can >> handle a bunch of VLANs on a single system and see how you can >> manipulate them. >> You would need a 802.1q capable switch for the trunk link though. > Its not Paul, its me and what I want to do is to experiment with > setting up and sniffing VLANs. Things like, can I hop VLANs easily, if > I put a sniffer at point X what can I see, what about point Y? > > If I can do this in a VM lab then it is much easier to do than to do > it in the physical world. So I want to get the VirtualBox internal > switch/router to handle 802.1q packets. > > Does that make sense? > > Robin > >> Nils >> >> On 9/16/2010 7:08 PM, Carlos Perez wrote: >>> for voiphopper and other 802.1q I go physical, for jumping segments >>> attacking routing protocols and other stuff with ESX I can do 802.1q in the >>> virtual switches and use the physical one in conjunction >>> On Sep 16, 2010, at 11:45 AM, Robin Wood wrote: >>> >>>> On 16 September 2010 16:32, Carlos Perez <[email protected]> >>>> wrote: >>>>> righ now I have an old Cisco 3550 for playing with that, best bet would >>>>> be to get an old cisco, procurve, 3com ..etc from ebay >>>>> each vendor has it own twist on "Standard Protocols" >>>> How is best to tie that into a VM lab? Or do you just mean plug some >>>> physical hardware in to it and go from there? I've got enough machines >>>> kicking around that I could do a physical lab but space, noise and >>>> portability have prevented me from doing it so far. >>>> >>>>> On Sep 16, 2010, at 11:27 AM, Robin Wood wrote: >>>>> >>>>>> On 16 September 2010 16:08, Matthew Manor <[email protected]> wrote: >>>>>>> Have you tried Vyatta? It can do most of what Cisco IOS can do but >>>>>>> virtually, including VLANs, and you can certainly run an entire lab of >>>>>>> VMs off of it. >>>>>> I've just had a quick look through it but can't tell if it would help >>>>>> or not. I want to put different machines in my VirtualBox lab onto >>>>>> different VLANs so I can experiment with them. Do you know if their >>>>>> software product would do that? >>>>>> >>>>>>> -Matt Manor >>>>>>> >>>>>>> On 9/16/10, Carlos Perez <[email protected]> wrote: >>>>>>>> Do you mean having a switch with 802.1q? >>>>>>>> >>>>>>>> Sent from my iPhone >>>>>>>> >>>>>>>> On Sep 16, 2010, at 5:03 AM, Robin Wood <[email protected]> wrote: >>>>>>>> >>>>>>>>> Is there any way to setup a VLAN environment in a virtual environment? >>>>>>>>> They are something I've never had much chance to play with and I'd >>>>>>>>> love to get it labbed up so I can. I know there are virtual systems >>>>>>>>> for running IOS images but don't think I could then hang a bunch of >>>>>>>>> VMs off those machines. >>>>>>>>> >>>>>>>>> Preferably VirtualBox methods but any VM will do. >>>>>>>>> >>>>>>>>> Robin >>>>>>>>> _______________________________________________ >>>>>>>>> Pauldotcom mailing list >>>>>>>>> [email protected] >>>>>>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>>>>>>> Main Web Site: http://pauldotcom.com >>>>>>>> _______________________________________________ >>>>>>>> Pauldotcom mailing list >>>>>>>> [email protected] >>>>>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>>>>>> Main Web Site: http://pauldotcom.com >>>>>>>> >>>>>>> -- >>>>>>> Sent from my mobile device >>>>>>> _______________________________________________ >>>>>>> Pauldotcom mailing list >>>>>>> [email protected] >>>>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>>>>> Main Web Site: http://pauldotcom.com >>>>>>> >>>>>> _______________________________________________ >>>>>> Pauldotcom mailing list >>>>>> [email protected] >>>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>>>> Main Web Site: http://pauldotcom.com >>>>> _______________________________________________ >>>>> Pauldotcom mailing list >>>>> [email protected] >>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>>> Main Web Site: http://pauldotcom.com >>>>> >>>> _______________________________________________ >>>> Pauldotcom mailing list >>>> [email protected] >>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>> Main Web Site: http://pauldotcom.com >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
