Dear VDE developers and users,

I have added to my experimental version (on svn branch named rd235)
a basic support for 802.1ad (a.k.a. QinQ).

It is possible to group VLANs together as tagged networks of a supernetwork.

The support is provided by a new port flag: allowqinq

vde$ port/qinq 3 1

this command turns on the qinq flag on port 3.
When a tagged packet comes in from port #3, and it does not match
a tagged network defined pn port 3, it is processed as it were untagged
(so it can be tagged again!).

I have also added a tag q for portgroups and setup.
portgroup/add q44 u44,q

The following example creates a 802.1ad link between switch /tmp/a and

host A----sw /tmp/aa----sw /tmp/a---------sw /tmp/b----sw /tmp/bb-----host B

the host A sends untagged packets to sw /tmp/aa, the packets leave
sw /tmp/aa towards /tmp/a as tagged/VLAN 22, sw /tmp/a
receives the packet on a qinq enabled port and tags the packet again
by VLAN 44.

The configurations at sw /tmp/aa are: (the same at /tmp/bb)
vde$ vlan/create 22
vde$ portgroup/add t22 t22
vde$ portgroup/add u22 u22

configurations for /tmp/a and /tmp/b:
vde$ vlan/create 44
vde$ portgroup/add t44 t44
vde$ portgroup/add qinq44 u44,q

the links can be created in this way:
vde_plug /tmp/a[t44]:/tmp/b[t44] &
vde_plug /tmp/a[qinq44]:/tmp/aa[t22] &
vde_plug /tmp/b[qinq44]:/tmp/bb[t22] &

(I have added a hub connected to a tap port between a[t44] and b[t44],
Wireshark shows nice double 802.1Q headers)


Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
vde-users mailing list

Reply via email to