VLAN tag tunnelling question?

Home Page Forums Network Management Networking VLAN tag tunnelling question?

This topic contains 4 replies, has 0 voices, and was last updated by  ksrimoungchanh 9 years, 11 months ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • March 12, 2009 at 5:08 am #41533

    ksrimoungchanh
    Member

    Hello all: I have a need to tunnel several VLAN’s between 2 Zeroshell using 1.0Beta11.

    I have a Lan-2-lan VPN up and I can access the remote location as a test. The following is the test environment:

    LAN1 (10.1.0.0/24) ===(Zeroshell)(Zeroshell)===LAN2 (192.168.0.0/24).

    the switch ports that the Zeroshell Internal interface is connected to is setup to send Vlan Tagg information (similar to Cisco Trunked interfaces). This is a HP procurve, so they don’t use the Trunk terminology. HP just taggs VLAN # on each port that needs to see the 802.1q taggs.

    I am needing to have the following VLAN Tags carried between each location. (essentially bridging each VLAN between the VPN00)
    VLAN 10
    VLAN 20
    VLAN 30

    My question is: I notice that every interface (including the VPN interface) gives the user the ability to create VLANs. Do I creat the VLANs on both my Internal Interfaces and the VPN00 interface?

    Thanks in advance for any direction.

    Regards,

    Kou

    ps.. this is my first weekend with Zeroshell.. and this is Awesome. Bravo! Fulvio!!

    March 12, 2009 at 10:24 am #47773

    ppalias
    Member

    (If my understanding is correct…)

    The internal interface should have vlans 10,20,30 enabled definitely.
    Now you should have 3 VPNs one for each VLAN that is enabled, you cannot pass dot1q information over vpn.

    March 12, 2009 at 3:48 pm #47774

    ksrimoungchanh
    Member

    Base on this link: http://www.zeroshell.net/eng/faq/network/#net.faq8 I am interpreting that it does support VLAN tunneling?

    Please correct me.

    Kou

    March 12, 2009 at 4:40 pm #47775

    imported_fulvio
    Participant

    Yes, you can tag a VPN LAN-2-LAN with 802.1q VLAN trunking protocol. This methos is better that using 3 separated VPN (1 for each VLAN) because has less overhead.

    Regards
    Fulvio

    March 12, 2009 at 5:25 pm #47776

    ksrimoungchanh
    Member

    Will I also need to create the VLAN on the ETH00? I assume that it is needed to maintain the VLAN information from the Switch through the ETH00 and passing it to the VPN00 interface.

    Thanks for the quick help.

    Kou

    March 12, 2009 at 5:37 pm #47777

    imported_fulvio
    Participant

    If you create the bridge interface BRIDGE00(ETH00,VPN00) you just need to create the VLAN on BRIDGE00. The tags are automatically appended to ETH00 and VPN00.

    Regards
    Fulvio

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.