奇科電腦
How to make Linux and Cisco devices interact using the VLAN protocol

Author: Ben

Developing perfect interaction between Linux and Cisco devices via the VLAN protocol

01 Preface

For an IT beginner, this field basically comprises three main categories: networking, systems, and programming. Each category takes a long time to become familiar with, and the IT industry also recruits employees according to these three subfields. However, we have seen that many engineers are familiar with only one specialty because they are unwilling to take the risk of transferring to another field. For example, your original high salary will probably be reduced, and your original work experience no longer applies when you enter a new career.

In short, it is necessary to study all three fields in depth if you want to become a true IT expert.

Since there are few articles about Linux and networking interaction in Taiwan, in this document I aim to help readers understand VLAN application and configuration on Linux and Cisco devices.

Equipment:

  1. Linux machine (a NIC of 100 Mb/s or above is necessary)
  2. Cisco 2950 series Layer 2 switch
  3. Network cable

02 VLAN (Virtual Local Area Network)

VLAN refers to network segmentation created by specific network devices, such as a Layer 3 switch, a router and other VLAN devices. The IEEE definition does not make VLAN easy to understand, so here we explain it through everyday experience instead. A couple of years ago you might have built a network using a hub, which amplifies and retransmits signals at OSI Layer 1 (Physical Layer). The hub rarely exists now and has been replaced by the most basic kind of switch, called a switch hub. Some readers may confuse the names hub and switch hub. The latter is actually a simple network switch that forwards and filters packets according to MAC address at OSI Layer 2 (Data Link Layer), which increases transmission efficiency.

From the brief description above, you can see that every device on such a network exchanges information in the same LAN; to create several independent LANs we would have to use two or more hubs, and then exchange data across the separated networks. Alternatively, a VLAN switch can separate multiple LANs within one device. For instance, a Cisco switch, including the 2950, 3550, 3650 and 3750 series, comprises 50 or more ports, each of which can form its own LAN, i.e. 50 VLANs in one switch, and it can be connected to other manufacturers' switches via a trunk based on the VLAN protocol.

03 802.1Q

802.1Q, documented on December 8, 1998, is a networking standard that allows multiple bridged networks to transparently share the same physical network link. The IEEE 802.1 working group clearly defines this Virtual Bridged LANs service and the required protocols and algorithms, so in the IT industry we usually use 802.1Q to denote the VLAN protocol. When 802.1Q is applied to company network segmentation, network devices, including routers and switches, are configured to insert an appropriate VLAN tag into every data frame so that packets of separate VLANs can be told apart.

04 Preparing Linux device

VLAN is applied extremely widely in network and computer devices across the IT industry. In addition to ASIC (Application-Specific Integrated Circuit) support for VLAN, software can provide VLAN on different operating systems. For example, the Intel NIC driver supports VLAN in Windows, while any NIC works in Linux if the kernel supports VLAN. Now let’s see where VLAN appears among the kernel options. The following figure shows the output of running ‘make xconfig’ in Linux kernel v2.4.31:

You can see 802.1Q VLAN under ‘Networking options’. Please briefly read in ‘Help’ where VLAN information can be obtained and which commands configure VLAN.

Here we configure VLAN as a module. Thus, if the VLAN module is not loaded into the kernel, neither ‘/var/log/messages’ nor ‘dmesg’ will tell us whether the kernel supports VLAN. After the kernel modules are compiled, the 802.1Q module is named ‘8021q.o’.

We can then confirm whether our kernel supports VLAN in two steps: 1) run ‘dmesg’; 2) check whether ‘/proc/net/vlan’ exists.

1. Run dmesg piped to grep
The following figure shows that the kernel supports VLAN when running ‘dmesg | grep -i 802’.

2. Check if /proc/net/vlan exists
The directory ‘/proc/net/vlan’ does not exist when the kernel does not offer VLAN, as the following figure shows:

It shows the following output when the kernel supports VLAN:

Next we load the 802.1Q module into the kernel: run ‘modprobe’ to load ‘8021q.o’, then run ‘lsmod’ to confirm that it has been loaded, as the following figure shows:

Next is VLAN configuration. The VLAN command ‘vconfig’ is usually installed during Linux installation. If not, please install the relevant RPM (its name usually starts with ‘vconfig’, e.g. vconfig-1.6-2.i386.rpm). Alternatively, we can download the latest source code, v1.9, from http://www.candelatech.com/~greear/vlan.html. Run ‘vconfig’ to see its options:

A VLAN is named by a number, the so-called VLAN ID, and its form is ‧. Please notice that a period (.), not a colon (:), is inserted between the NIC interface and the VLAN ID. If we want to configure VLAN on eth0, please notice:
A) eth0 must be up, i.e. we can see eth0 by running ‘ifconfig’ or ‘/sbin/ifconfig eth0 up’;
B) The IP address is set only on the VLAN interface.

The following figure shows how to configure VLAN on a Linux interface. First, we bring up eth0 and check whether it has an IP address; notice that eth0 originally has none. Next, run ‘vconfig’ to build a VLAN (VLAN ID 6) and observe the changes in ‘/proc/net/vlan’. We can see a file named eth0.6, and we can confirm that the VLAN exists by running ‘ifconfig’.

Now we can try building the other VLANs with a command script.

Then we speed up the configuration process by using a command script to configure the VLAN IP addresses.

We can also remove a VLAN by running ‘vconfig rem ’.

Let’s review again:

  1. Ensure the kernel supports VLAN
  2. Select an interface on the Linux device
  3. Bring up the physical interface and ensure it has no IP address
  4. Build and bring up the VLAN interfaces
  5. Configure an IP address on each VLAN interface
  6. Configuration finished!
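
The review steps above as one script, for the nine VLAN IDs used in the next section. This is an added example, not the script from the original figures; the 10.<id/256>.<id%256>.1/24 addressing scheme and the APPLY switch are assumptions made here, and without APPLY=1 the commands are only printed.

```sh
#!/bin/sh
# Added example, not from the article: review steps 1-6 for eth0.
# Assumptions: the addressing scheme and the APPLY switch are invented here.
IFACE=${IFACE:-eth0}                     # step 2: the selected interface
VLAN_IDS=${VLAN_IDS:-"10 20 30 40 50 60 70 80 90"}

# 802.1Q carries a 12-bit VLAN ID; 0 and 4095 are reserved.
valid_vid() {
    case "$1" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 4 ] && [ "$1" -le 4094 ]
}

# Print the command sequence for parent interface $1 and VLAN IDs $2...
# Every ID is validated before anything is printed.
vlan_plan() {
    iface=$1; shift
    for vid in "$@"; do
        valid_vid "$vid" || { echo "invalid VLAN ID: $vid" >&2; return 1; }
    done
    echo "modprobe 8021q"                # step 1: 802.1Q support in kernel
    echo "ifconfig $iface 0.0.0.0 up"    # step 3: parent up, no IP address
    for vid in "$@"; do
        echo "vconfig add $iface $vid"   # step 4: creates $iface.$vid
        # step 5: address on the VLAN interface only (assumed scheme)
        echo "ifconfig $iface.$vid 10.$((vid / 256)).$((vid % 256)).1 netmask 255.255.255.0 up"
    done
}

if [ "${APPLY:-0}" = 1 ]; then           # needs root and the vconfig tool
    plan=$(vlan_plan "$IFACE" $VLAN_IDS) || exit 1
    echo "$plan" | while read -r cmd; do $cmd || exit 1; done || exit 1
    cat /proc/net/vlan/config            # step 6: list the new interfaces
else
    vlan_plan "$IFACE" $VLAN_IDS
fi
```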

05 Cisco Catalyst 2950/3550/3650/3750 Switch configuration

We have just built nine VLANs: ID 10, 20, 30, 40, 50, 60, 70, 80, 90. So we have to build the same VLAN IDs on the network device that connects to the Linux device. In this document we use a Cisco 2950T-24 Layer 2 switch, and its OS version is shown as follows.

By the way, most Cisco devices run IOS (Internetwork Operating System), and that’s why Cisco devices hold an 85% share of sales. This also tells readers the importance of programming and system adjustment.

Next, we will see how to build VLANs in IOS. First, enter enable mode to see how many VLANs the switch already has. Then enter the vlan database to build our VLANs. See the following figure:

We can see the VLAN IDs on the Linux device from this IOS output. So we have to enter the IOS vlan database to build these VLANs, as the following figure shows:

We have to select one port to connect the Cisco switch and the Linux device. Here we use FastEthernet 0/22 for the Linux interface connection:

Then we enter FastEthernet 0/22 configuration mode by running ‘configure terminal’ and then ‘interface FastEthernet 0/22’. As you can see, the port configuration commands are too numerous to enumerate.

Next, configure this port in 802.1Q mode:

Finally, save the configuration by running ‘write memory’.

Let’s review again:
1) Build the VLANs in the vlan database
2) Select a port
3) Configure the port as a trunk and select the VLANs
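
Because the trunk port must carry the same VLAN IDs that were built on the Linux side, and should carry no others, the two lists can be compared mechanically. The script below is an added example, not from the original article; both inputs are constructed samples (one in the layout of /proc/net/vlan/config, one an interface stanza as it would appear in the switch running configuration with an explicit ‘switchport trunk allowed vlan’ list), and all function names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the article. Both samples below are constructed.
LINUX_SAMPLE='VLAN Dev name    | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
eth0.10        | 10  | eth0
eth0.20        | 20  | eth0
eth0.30        | 30  | eth0'
SWITCH_SAMPLE='interface FastEthernet0/22
 switchport trunk allowed vlan 10,20,40-50
 switchport mode trunk'

# VLAN IDs on parent interface $1; stdin is /proc/net/vlan/config text.
linux_vlans() {
    awk -F'|' -v p="$1" 'NF == 3 {
        gsub(/[ \t]/, "", $2); gsub(/[ \t]/, "", $3)
        if ($3 == p) print $2 }' | sort -n
}

# Expand the allowed list ("10,20,40-50", plus any "add" continuation
# lines) into one VLAN ID per line; stdin is the interface stanza.
switch_vlans() {
    sed -n 's/^ *switchport trunk allowed vlan \(add \)\{0,1\}//p' |
    tr ',' '\n' |
    awk -F- 'NF == 2 { for (i = $1 + 0; i <= $2 + 0; i++) print i; next }
             $1 != "" { print $1 }' | sort -n
}

# IDs in list $1 that do not appear in list $2.
only_in() {
    for id in $1; do
        case " $(echo $2) " in *" $id "*) ;; *) echo "$id" ;; esac
    done
}

# $1 = parent interface, $2 = Linux config text, $3 = switch stanza text.
trunk_audit() {
    lin=$(printf '%s\n' "$2" | linux_vlans "$1")
    sw=$(printf '%s\n' "$3" | switch_vlans)
    if [ -z "$sw" ]; then
        echo "no allowed-vlan list: the trunk carries every VLAN"; return 1
    fi
    missing=$(only_in "$lin" "$sw"); extra=$(only_in "$sw" "$lin")
    if [ -n "$missing" ]; then echo "host VLANs not on trunk:" $missing; fi
    if [ -n "$extra" ]; then echo "trunk VLANs unused by host:" $extra; fi
    [ -z "$missing$extra" ]
}

trunk_audit eth0 "$LINUX_SAMPLE" "$SWITCH_SAMPLE" || echo "VLAN lists differ"
```

On a live host, replace the first sample with the contents of /proc/net/vlan/config and the second with the port's stanza copied from the switch.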

06 Conclusion

After configuring the Linux and Cisco devices, we have succeeded in exchanging information between FastEthernet 0/22 of the Cisco 2950 switch and the Linux interface (eth0) based on the 802.1Q protocol.

All superior operating systems are based on UNIX fundamentals for stability and efficiency, so UNIX benefits network device extension very much and has indirectly resulted in Cisco Systems becoming the most effective network device manufacturer globally. Accordingly, I strongly recommend that system engineers, especially Linux professionals, start learning networking immediately. I’m very glad that Linux Guide magazine provides a platform for domestic engineers and manufacturers to exchange the latest Linux techniques. I believe this will benefit Linux development in Taiwan very much.