[Xorp-hackers] Doubt on VLAN implementation

Pavlin Radoslavov pavlin at ICSI.Berkeley.EDU
Thu Mar 20 09:31:43 PDT 2008 

Ben Greear <greearb at candelatech.com> wrote:

> I've been poking at the VLAN code in FEA.  The part that probes the 
> linux kernel seems
> a bit strange.  First, if I read it correctly, it could end up with a 
> iface:vif pair for
> the VLAN, and also a parent_iface:vif pairing.

That's correct and is intentional. E.g., in your configuration you
could use a VLAN in both ways:

  interface eth0 {
      vif vlan10 {
          ...
      }
  }

OR

  interface vlan10 {
      vif vlan10 {
          ...
      }
  }

Consider the second one as a backward compatibility feature for
folks that were probably using VLANs by configuring them manually
before starting older versions of XORP (i.e., before the VLAN
support was added).
The second mechanism might eventually disappear in the future.

> Second, is it possible to add virtual IPs on top of a VLAN (on top of an 
> ethernet)?
> It would seem not if the VLAN device is a vif instead of an interface.

Could you clarify what you mean by "virtual IPs".
You should be able to have a configuration like that would assign
two IP addresses to vlan10:

  interface eth0 {
      vif vlan10 {
          address 1.2.3.4 {
              ...
          }
          address 5.6.7.8 {
              ...
          }
      }
  }


> Even if that works, Linux (2.6.23+) supports mac-vlans on top of 
> ethernet and vlans on top of
> mac-vlans (and vice-versa), and virtual ips on top of any of these.
> That doesn't easily map to a single parent-child relationship.

I have to admit that when comes to VLANs I am thinking the IEEE
802.1Q Standard.
How the relationships you describe above fit with 802.1Q?
If you have an URL with detailed description that would be useful.

> My suggestion is to make VLANs (and all other net-devices) the same as 
> 'real' ethernet
> interfaces, but store parameters in the iface to allow it to rebuild the 
> virtual devices if
> needed (parent-dev-name and VID for VLANs, parent-dev-name and MAC for 
> mac-vlans,
> and so forth.  This would require adding some new tags to the interface 
> config logic,
> including device type (vlan, mac-vlan, etc), vlan-id, MAC-addr, and 
> maybe others for
> new virtual devices.

Configuration-wise how would it look like?
My primary interest is to have configuration that is consistent with
other router vendors' configuration.

> Please also note that with the advent of network namespaces in Linux, it 
> may be possible to have
> VLANs with no visible parent device (it being in a different namespace).

Could you provide more information (e.g., URL) re. network
namespaces in Linux.

Thanks,
Pavlin

More information about the Xorp-hackers mailing list