|
VLAN configuration in firmware 1.3.0 and above
In version 1.3.0 of the firmware we introduced new features allowing use
of separate G.shdsl ports of a modem for independent connections. The main
reason for that change was introduction of the DSL Access Multiplexer, but
new functions are also applicable to table-top versions of Tahoe modems.
New features include:
- assigning of DSL lines in any fashion to independent wan0...wan3
interfaces (creating 'bundles' of DSL lines and allowing connection of
multilple devices to one mutipair modem, for example one Tahoe 682 and two
Tahoe 681 to a single Tahoe 684)
- port-based VLAN switching - an Ethernet or WAN port may be set as
tagged or untagged, so regular packets entering one interface may be
encapsulated into VLAN before transmitting on another interface (for example
packets entering wan0 may be sent over eth0 inside a VLAN allowing further
separation of traffic from different WAN interfaces)
On the two examples below we explain the advantages of these features.
Simple example
In the first case we have two DSL links and we want to separate the
traffic from these lines to two LANs on the central side. We want PC A to
communicate with PC C only, and PC B to PC E.
We need to create two VLANs - ID 20 and 21. The traffic on the WAN side
of the DSLAM has to be untagged so PCs A and B receive regular Ethernet
packets. On the LAN side in contrary it has to be tagged so data from both
sites can be sent to an external switch over a single Ethernet connection.
Then on the Ethernet switch we have to direct the traffic from VLAN 20 to
one port and from VLAN 21 to another one. These ports have to be untagged
so PCs C and E also receive regular non-VLAN packets.
Figure 1. Simple application example - click to enlarge
To make things a little bit more complex we assume that the connection to
PC A is a 4-wire line with Tahoe 682 on the other end. The connection to PC
B is 2-wire with Tahoe 681. The DSLAM may be replaced with Tahoe 684 in this
example.
We need to take following steps:
- Assign DSL ports 1, 2 and 3 to interfaces wan0 and wan1 (note that by
default all ports are assigned to wan0 so we have only to move port 3 to
wan1 and delete port 4):
bundle wan0 del 4
bundle wan1 add 3
- Create VLANs 20 and 21 and assign interfaces to them:
vlan create 20
vlan 20 add wan0
vlan 20 untag wan0
vlan 20 add eth0
vlan create 21
vlan 21 add wan1
vlan 21 untag wan1
vlan 21 add eth0
The 'vlan <vid> add <interface>' command sets a port to tagged mode by
default, so we have to change wan0 and wan1 setting, but eth0 remains
tagged.
- The modem has so-called vlan-transparent mode enabled by default. It
behaves like modems with older firmware versions passing all packets
regardless of the VLAN settings. To enable port-based switching you need to
enter:
- Now only some standard settings are necessary like enabling bridge
mode, configuring Master/Slave modes, etc. Note that you can set modem types
and speeds for each line separately (using 'dsl' command) or for all lines
belonging to a bundle (using 'bundle' command, which is recommended):
bridge on
bundle wan0 speed 5120
bundle wan0 type slave
bundle wan0 reset
bundle wan1 speed 2048
bundle wan1 reset
- We may check VLAN and bundle settings now:
Tahoe> vlan show
Current settings:
VLAN Name Interfaces
---- ---------------- --------------------------
1 Default eth0(u), wan2(u), wan3(u)
20 wan0(u), eth0(t)
21 wan1(u), eth0(t)
Tahoe> bundle show
Current settings:
wan0: lines: 1 2
throughput: 5120 kbps
link mode: cisco hdlc
wan1: lines: 3
throughput: 2048 kbps
link mode: cisco hdlc
Tahoe>
Note that Master/Slave settings are specific to a DSL line, not to a bundle,
so they can only by seen using 'dsl show' command.
The Tahoe 681 and Tahoe 682 modems on the other end of the DSL lines
have to be configured in a standard way - with 'bridge on' and (if 1.3.0
firmware is also used) with 'vlan transparent on'.
Theoretically you may configure untagging on these remote modems instead
of the DSLAM cards (i.e. set wan0 and wan1 on the card as tagged and on
remote modems set wan0 as tagged and eth0 as untagged), but it is
recommended to have all these settings on the DSLAM for easier management.
We also need to configure the Ethernet switch - create VLANs, add ports
to them and set some of them as tagged and other as untagged. For example on
3Com SuperStack 3 you'll need to issue following commands:
bridge vlan create 20 vlan_20
bridge vlan create 21 vlan_21
bridge vlan modify addPort 20 1:1 tagged
bridge vlan modify addPort 20 1:2 untagged
bridge vlan modify addPort 21 1:1 tagged
bridge vlan modify addPort 21 1:3 untagged
Complex example
In the second example we'll mix some tagged and untagged settings on a
single interface:
- The regular traffic from PC A has to be directed to PC C as untagged,
but also has to be directed to a VLAN-aware PC E inside VLAN 20.
- PC A has also a VLAN interface connected to VLAN 22 to communicate
with PC C and PC E.
- The regular traffic from PC B has to be directed to PC D as untagged
and has to be transmitted over VLAN 21 between DSLAM and switch.
- The PC B also has a VLAN interface connected to VLAN 22. Traffic from
that interface has to go to PC A and PC E and remain tagged all over the way.
The interesting thing is that VLAN 22 spans over two DSL interfaces,
while other VLANs do not.
Figure 2. Complex application example - click to enlarge
The configuration commands are following:
Similarily on the Ethernet switch some ports will be tagged while others
will not. Again we'll use 3Com SuperStack 3 commands as an example:
bridge vlan create 20 vlan_20
bridge vlan create 21 vlan_21
bridge vlan create 22 vlan_22
bridge vlan modify addPort 20 1:1 tagged
bridge vlan modify addPort 20 1:2 untagged
bridge vlan modify addPort 20 1:4 tagged
bridge vlan modify addPort 21 1:1 tagged
bridge vlan modify addPort 21 1:3 untagged
bridge vlan modify addPort 22 1:1 tagged
bridge vlan modify addPort 22 1:4 tagged
|
)
)
