1 \documentclass[serif,mathserif]{beamer}
2
3 \usepackage{beamerthemesplit}
4
5 \usetheme{default}
6 \useoutertheme{default}
7
8 \usepackage{amsmath}
9 \usepackage{amsfonts}
10 \usepackage{color}
11 \usepackage{epsfig}
12 \usepackage{marvosym}
13 \usepackage{texnansi}
14 \usepackage{verbatim}
15 \usepackage{xspace}
16 \usepackage{listings}
17
18 \lstset{basicstyle=\ttfamily,
19 showstringspaces=false,
20 }
21
22 % Make this a 16:9 presentation
23 %\setlength{\paperwidth}{171 mm}
24 %\setlength{\paperheight}{96 mm}
25 %\setlength{\textwidth}{151 mm}
26 %\setlength{\textheight}{86 mm}
27
28 % Set sans-serif font.
29 \renewcommand\sfdefault{phv}
30 \renewcommand\familydefault{\sfdefault}
31
32 % Define some colours.
33 \definecolor{myred}{rgb}{0.53,0.01,0}
34 \definecolor{mygrey}{rgb}{0.4,0.4,0.4}
35
36 % Make a nice gradient as background.
37 \setbeamertemplate{background canvas}[vertical shading]
38 [bottom=black, middle=myred, top=myred]
39
40 % Highlight elements in some sort of grey.
41 \setbeamercolor{structure}{fg=mygrey}
42 \setbeamercolor{normal text}{bg=black, fg=white}
43
44 % Use round bullets in lists.
45 \setbeamertemplate{items}[circle]
46
47 % Use bigger fonts for titles.
48 \setbeamerfont{title}{size=\Huge}
49 \setbeamerfont{frametitle}{size=\large}
50 \setbeamertemplate{frametitle}[default]
51
52 % Don't clutter the pages with useless navigations.
53 \setbeamertemplate{navigation symbols}{}
54
55 % Author information.
56 \author[Timo Eissler]{Timo Eissler}
57 \institute{IPFire Project}
58
59 % The title of the presentation.
60 \title{IPFire VLAN Support}
61 %\subtitle{The new IPFire build system}
62
63 \date{September 20th, 2014}
64
65 \newcommand{\spacer}{\vspace{4 mm}}
66
67 \newcommand{\screenshot}[1]{\centerline{%
68 \includegraphics[width=\textwidth,transparent]{#1}}}
69
70 \begin{document}
71 \maketitle
72
73 %\section*{Outline}
74 %\frame{\tableofcontents}
75
76 \section{Introduction}
77
78 \subsection{What are VLANs?}
79 \frame{
80 \frametitle{What are VLANs?}
81
82 \begin{center}
83 Virtual networks within your switch or your physical network.
84 \end{center}
85 }
86
87 \subsection{VLAN Introduction}
% Slide: basic properties of VLANs (layer-2 scope, isolation, spanning
% several switches, 802.1Q tagging).
% NOTE(review): the isolation stated below is a result of switch and port
% configuration, not of the 802.1Q tag itself -- a wrong PVID or trunk
% membership puts a port into another VLAN. Traffic between VLANs has to
% be routed; presumably that is where the IPFire zone rules apply -- confirm.
88 \frame{
89 \begin{itemize}
90 \item VLANs work on OSI Layer 2 (Data Link Layer)
91 \item VLANs are isolated from each other
92 \item Can reside in a single switch or can be spread over
93 multiple switches in your network
94 \item Adds the 802.1Q header to the Ethernet frame
95 \end{itemize}
96 }
97 \frame{
98 \frametitle{Tagged and untagged frames}
99
100 \begin{block}{Tagged frames}
101 Tagged frames have a VLAN header in the Ethernet frame, so
102 receiving devices know which VLAN a frame belongs to.
103 \end{block}
104
105 \begin{block}{Untagged frames}
106 Untagged frames have no VLAN header in the Ethernet frame, so
107 the receiving device has to decide which VLAN a frame belongs to.
108 Switches do this by using the default VLAN ID (also known as PVID),
109 which is set by the administrator of the switch for the
110 corresponding port.
111 \end{block}
112 }
113 \frame{
114 \frametitle{Access mode port}
115
116 \begin{itemize}
117 \item Used for client devices
118 \item Sends and accepts only untagged frames
119 \item Port can only be a member of one VLAN
120 \item Connected devices don't need to be able to handle VLANs
121 \end{itemize}
122 }
123 \frame{
124 \frametitle{Trunk mode port}
125
126 \begin{itemize}
127 \item Uses tagged and untagged frames
128 \item Untagged frames belong to default VLAN (PVID)
129 \item Port can be an untagged member of one VLAN
130 \item Port can be a tagged member of zero or more VLANs
131 \item Sends and accepts only frames which belong to a VLAN the
132 port is a member of
133 \item Connected devices need to be able to handle VLANs
134 \end{itemize}
135 }
136
137 \subsection{Why VLANs?}
138 \frame{
139 VLANs can be used to:
140
141 \begin{itemize}
142 \item separate and manage networks
143 \item group devices together even if they are not on the same switch
144 \item optimize performance for specific scenarios like VoIP, SAN, \dots
145 \item minimize broadcast domains (with switches only on layer 2 (MAC))
146 \item minimize hardware costs
147 \item \dots
148 \end{itemize}
149 }
150
151 \subsection{Ok, but why VLANs on my IPFire?}
152 \frame{
153 There are several reasons for this:
154
155 \begin{itemize}
156 \item you already have your networks separated with VLANs and your
157 corresponding IPFire networks are not within the default VLAN (PVID)
158 \item multiple isolated networks (maybe on a single switch)
159 \item you want more networks than your IPFire has NICs
160 \item and maybe many more\dots
161 \end{itemize}
162 }
163
164 \section{Configuration}
165
166 \subsection{Overview}
167 \frame{
168 \frametitle{original state}
169
170 \begin{figure}
171 \screenshot{res/IPFire_network_without_VLANs.png}
172 \end{figure}
173 }
174 \frame{
175 \frametitle{desired state}
176
177 \begin{figure}
178 \screenshot{res/IPFire_network_with_VLANs.png}
179 \end{figure}
180 }
181 \frame{
182 \begin{block}{Steps}
183 \begin{enumerate}
184 \item Configure VLANs on the switch
185 \item Configure VLANs on IPFire
186 \item Change IPFire network configuration
187 \item Restart network or reboot
188 \end{enumerate}
189 \end{block}
190 }
191
192 \subsection{Configure VLANs on the switch}
% Slide: switch-side settings for the trunk port used in this example.
% Untagged frames map to VLAN 1 (the port's default VLAN); the blue and
% orange networks are carried tagged with IDs 300 and 400.
% NOTE(review): VLAN 1 is the factory default on many switches. Hardening
% guides commonly recommend a dedicated, otherwise unused ID for the
% untagged VLAN of a trunk and allowing only the VLAN IDs that are needed
% on it, so that stray untagged or double-tagged frames cannot end up in a
% production network -- verify against the switch vendor's guidance.
193 \frame{
194 \begin{itemize}
195 \item Port mode: Trunk
196 \item Default VLAN of port: VLAN ID 1 untagged
197 \item VLAN ID for blue network: VLAN ID 300 tagged
198 \item VLAN ID for orange network: VLAN ID 400 tagged
199 \end{itemize}
200 }
201
202 \subsection{Configure VLANs on IPFire}
% Slide: contents of /var/ipfire/ethernet/vlans for the example setup.
% BLUE and ORANGE are defined as VLAN IDs 300 and 400 on the parent device
% green0; the GREEN_* values are left empty.
% NOTE(review): presumably empty GREEN_* values mean green keeps using the
% untagged frames on the parent device -- confirm. With this layout all
% three zones share one physical link, so their separation depends on the
% switch's trunk configuration matching the IDs set here.
203 \begin{frame}[fragile]
204 \frametitle{/var/ipfire/ethernet/vlans}
205
206 \begin{lstlisting}[language=bash]
207 GREEN_PARENT_DEV=
208 GREEN_VLAN_ID=
209 GREEN_MAC_ADDRESS=
210 BLUE_PARENT_DEV=green0
211 BLUE_VLAN_ID=300
212 BLUE_MAC_ADDRESS=
213 ORANGE_PARENT_DEV=green0
214 ORANGE_VLAN_ID=400
215 ORANGE_MAC_ADDRESS=
216 \end{lstlisting}
217 \end{frame}
218
219 \subsection{Network Configuration}
220 \begin{frame}[fragile]
221 \frametitle{/var/ipfire/ethernet/settings}
222
223 \begin{lstlisting}[language=bash]
224 CONFIG_TYPE=4
225 ...
226 GREEN_MACADDR=52:54:00:67:58:de
227 GREEN_DESCRIPTION='"virtio: virtio_net"'
228 GREEN_DRIVER=virtio_net
229 ...
230 BLUE_DEV=blue0
231 BLUE_MACADDR=52:54:00:67:58:de
232 BLUE_DESCRIPTION='"virtio: virtio_net"'
233 BLUE_DRIVER=virtio_net
234 BLUE_ADDRESS=192.168.100.30
235 BLUE_NETMASK=255.255.255.0
236 BLUE_NETADDRESS=192.168.100.0
237 BLUE_BROADCAST=192.168.100.255
238 \end{lstlisting}
239 \end{frame}
240 \begin{frame}[fragile]
241 \frametitle{/var/ipfire/ethernet/settings}
242
243 \begin{lstlisting}[language=bash]
244 ORANGE_DEV=orange0
245 ORANGE_MACADDR=52:54:00:67:58:de
246 ORANGE_DESCRIPTION='"virtio: virtio_net"'
247 ORANGE_DRIVER=virtio_net
248 ORANGE_ADDRESS=192.168.150.30
249 ORANGE_NETMASK=255.255.255.0
250 ORANGE_NETADDRESS=192.168.150.0
251 ORANGE_BROADCAST=192.168.150.255
252 \end{lstlisting}
253 \end{frame}
254
255 \section{Demo}
256
257 \subsection{Demo}
258 \frame{
259 \begin{center}
260 \Huge{DEMO}
261 \spacer
262 \end{center}
263 }
264
265 \section{The end}
266
267 \subsection{Conclusion}
268 \frame{
269 \frametitle{Conclusion}
270
271 \begin{center}
272 VLANs are an easy way to manage and improve your networks for your specific needs.
273 \end{center}
274 }
275
276 \subsection{The end}
277 \frame{
278 \begin{center}
279 \Huge{THE END}
280 \spacer
281 \end{center}
282
283 \begin{center}
284 If you want to know more or need more information, look at
285 \spacer
286 \url{http://wiki.ipfire.org/en/optimization/vlan/start}
287 \end{center}
288
289 \begin{center}
290 \url{timo.eissler@ipfire.org}
291 \end{center}
292 }
293
294 \end{document}
295
296 % vim:set noet: