configure a FreeBSD machine to do VLAN taggin…

This HowTo covers how to setup and configure a FreeBSD machine to do VLAN tagging
(802.1q) as well as rate limiting through the DUMMYNET interfaces for the VLAN
enabled ports. We will also cover configuration of the VLAN ports on a Cisco 2924-EN-
XL 24 port switch for use with the FreeBSD machine.
VLAN tagging allows a VLAN enabled machine to communicate with a VLAN enabled
network device to allow each port on the network device to be controlled directly from
the machine, for the purpose of firewalling as well as rate limit and other functionality.
Make sure you have a machine with enough power to handle the traffic of the VLANs.
We are using a P4 1.4Ghz with 512MB of RAM and two Intel EtherExpress Pro 10/100
cards. You need two cards for the setup. One card is connected to your upstream switch
and the other is connected to the VLAN enabled device.
We are starting with a basic installation of FreeBSD. If you are not sure how to install
FreeBSD please refer to the FreeBSD installation HowTo.
1) We will first need to make some modifications to the GENERIC kernel to add the
needed functionality to our server.
cd /usr/src/sys/i386/conf
cp GENERIC vlan (you can use anyname you want here, but make sure you remember it)
Now edit the vlan file and remove the unnecessary options. Some of the more common
options that I remove everytime I recompile a kernel are:
cpu             I386_CPU
cpu             I486_CPU
cpu             I586_CPU (none of these are needed unless you are compiling for a system
running an older processor, most modern processors are I686.)
Modify the ident name to something that identifies the kernel or the server. I normally
use the hostname.
ident                vlan
options         MATH_EMULATE (again… only needed if you are using a VERY old
processor)

options         INET6 (I don’t use IPV6, just because I am not ready to implement it yet)
device          eisa (I remove this, because I can’t tell you the last time I saw an EISA
board)
I remove other options that you might need (usb, scsi raid arrays, etc) so you will need to
understand what configuration you have and what devices you are going to be using.
Be sure to leave:
device          miibus
device          fxp (These two devices will allow us to use the Intel based network cards
that we will need for VLANs, other NICs are capable of VLANs as well, but we only use
Intels as a matter of choice and convience.)
The Intel GigE cards (em) also support VLANs. Both Intel cards also support device polling,

标签：

版权申明：本站文章部分自网络，如有侵权，请联系：west999com@outlook.com
特别注意：本站所有转载文章言论不代表本站观点，本站所提供的摄影照片，插画，设计作品，如需使用，请与原作者联系，版权归原作者所有