Hello, Please explain (in a piece of documentation similar to http://shorewall.net/Shorewall_and_Aliased_Interfaces.html) how to *correctly* define and use VLAN interfaces with shorewall.
This seems to be an entirely different situation than aliased interfaces, because of their (desired) complete separation at the OSI 2 level. Defining VLAN interfaces on Red Hat/Fedora distros is explained here: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/sec-Configure_802_1Q_VLAN_Tagging_Using_the_Command_Line.html However, in practice, simply creating virtual interfaces ethX.100 and ethX.200, assigning IP addreses to them and putting them in different firewall zones seems not to work. This is especially the case when one of the VLANs is the default one (VLAN1, on ethX.1), because some returning frames seems to be treated by the parent interface ethX instead of ethX.1 (VLAN1), despite being tagged with VID1, not untagged. Thanks a lot, Răzvan
<<attachment: razvan_sandu.vcf>>
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
