[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: status of VLAN support in Debian/Linux in general


1.) VLAN is an IEEE Standard. (802.1q).
But there are two kind of VLAN: tagged VLAN and untagged ones.
a.) The untagged ones work only "within one switch", i.e. the switch is able to 'partition' itself into several logical switches. This is not what you want. b.) The tagged one are 802.1q. This is what you are looking for. All frames are tagged with a VLAN Header, which is 4 byte long. That makes Ethernet-frames with vlan 1504 bytes long altogether (layer 2 -> no fragmentation possible!)

While the kernel itself has no problems with 1504 byte frames, some of the ethernet drivers had. This is what the patches on the candelatech page are for (Thanks Ben Greer!). They fix several drivers in 2.4 series (in my case I had to patch the tulip driver - many 4 port cards use tulip. NB: The tulip patch does not apply tp 2.6 series) Other cards don't need patches (I can confirm: yukon/marvell (sk98lin) rtlXX and intel working). I don't know if they fixed up all drivers in 2.6 series (Anyone knows??)

2.) For those who were afraid about mixing VLAN-capabale swicthes of differnet vendors: - Basically VLAN is 100% compatible, we run D-Link, Allied Telesyn, 3COM, Cisco, and some no-namers togther with extensive VLAN usage. - Vendors tend to use differnet approches and terminology for the config interfaces (egress, forbidden, PVID, VID, group etc...) - Many switches have a limited range of VLAN IDs. Normally it's up to 4096 possible IDs. Some D-Link only accept up to 512, 3 COM Superstack even less, some have 1024 or 4072.

3.) If you want to 'cascade' switches or run tagged frames through non-managebale swicthes you have to press thumbs that the cheap ones support 1504 byte frames. Many do. Test your setup with with a crossover cable first.

4.) Hint: If you setup VLAN with /etc/network/interfaces please keep in mind that the physical interface has to be up in order to create VLANs on it, i.e. you have to set somme (dummy?) IP to ethX in order to create ethX.VID.

5.) For those using a catalyst switch to terminate the vlan - there is a confirmed bug in the cisco asic. Don't wonder why the error LEDs blink. Mr. Sascha Pollok wrote a patch that add a padding to the frames so the cisco gets more happy.

6.) To our experience the usage of VLAN does not cause siginifcant CPU load on linux.


Andreas John
net-lab GmbH
Luisenstrasse 30b
63067 Offenbach
Tel: +49 69 85700331


Adrian 'Dagurashibanipal' von Bidder wrote:

I've some questions regarding VLAN support in Debian and in Linux. First: is <http://www.candelatech.com/~greear/vlan.html> still the main page? Google makes me think so, but there are some references to 2.2 kernels and none to 2.6 kernels, so I'm a bit unsure.

2.6 kernels: are they ready in general? The kernel.org and/or the debian kernels? kernel-patch-vlan is only in woody, so I guess recent 2.4 kernels don't need patches.

Which ethernet cards are working? I'm interested in both fast ethernet and gigabit ethernet.

VLAN is an IEEE standard - is it a real standard, or is it a 'it may work with some switches and not work with others'? (The simple format of the VLAN tag in the ethernet header makes me hope for the former...)

Debian: Ok, I see there's the package 'vlan', so I guess it contains all I need.

(Yes, some of the questions could be solved by experimenting - however, I don't have a VLAN capable switch yet. In fact, all I have is a 5 port 10M hub, an a couple of Realtek 10M network cards. Go figure...)

-- vbi

Reply to: