Implement the single-arm router function on Linux

Article Title: & #22312; Linux & #19978; & #23454; & #29616; & #21333; & #33218; & #36335; & #30001; & #22120; & #21151; & #33021 ;. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Find a network card such as 3COM (supporting VLAN), patch the VLAN in the kernel, and confirm that you need several network segments to set several IP addresses and then set several MAC addresses. (You can change the MAC address on your own in LINUX ). Simulate your LINUX machine into a vro, which has better effects and wider application scenarios. Example: You have four devices, A, B, C, and D. Among them, A and B are desktop PCs, and C is A router (the gateway of your internal network ), D is a LINUX. Your company requires Intranet/Internet isolation. On A and B, there is an Intranet/Internet physical isolation switch (in simple words, there is A switch on which the switch is physically connected to the Internet, ). In this case, the gateways of A and B are fixed, so we require that the LINUX IP address and the IP address of the C router correspond one to one, and because of the relationship between the ARP table, we have to make sure that the MAC address of LINUX should also correspond to the MAC address of the C router. Otherwise, it will be unavailable for some time when the and B machines switch to the network (waiting for the ARP table to aging ). I don't know whether or not, but there are still many advantages. I will give you a detailed description of the implementation steps and principles at the moment:
　　
For a slightly larger network, there are multiple IP network segments, and some networks also require Intranet and Internet isolation. The following describes how to simulate a vro on a LINUX system and provides a reference for the brothers who have such requirements.
　　
My description environment is: Redhat 7.2 (2.4.7-10), 3com 3c509 Nic.
　　
1. Install Redhat 7.2 Where the kernel is the linux-2.4.7-10
　　
2. Download The vlansoftware package and set linux-2.4.7-10to vlan1.3.tar.gz.
　　
3. Release the vlan software package in the/usr/src directory.
　　
4. Add vlan to Linux kernel using proc/usr/src/vlan
　　
5. cd/usr/src/linux-2.4.7-10 to configure the module make menuconfig of the kernel
　　
6. Enter network configuration and select dot1q. Save and exit.
　　
7. Compile kernel, make dep; make clean; make bzImage; make modules-install
　　
8. cp/usr/src/linux-2.4.7-10 /... /boot/bzImage/boot/vmlinuz-2.4.7-10, cp/usr/src/linux-2.4.7-10 /... /system/boot/system-2.4.7-10
　　
9. Restart Linux. at startup, You can see dot1q support by ben greear. The vlan has been started.
　　
10. cd/usr/src/vlan: Compile the vconfig file. make. If you exit, check the location of the file called in vconfig. c.
　　
11. Copy the vconfig executable file to/usr/sbin, cp/usr/src/vlan/vconfig/usr/sbin/vconfig.
　　
12. Configure the vlan device. Take eth0 as an example, vconfig eth0 2; vconfig eth0 3. Configure the IP address of vlan 1 on the master port.
　　
13. Set an IP address on a vlan device. Ifconfig eth0.2 ipaddress netmask mask
　　
14. Set the MAC address on the vlan device. Ifconfig eth0.2 MACaddress (use ifconfig -- help to view ifconfig usage ).
　　
15. Configure the port connecting the router and Linux to trunk. Take cisco 3548 as an example. interface fastethernet 0/48 switchport trunk encapulation dot1q
　　
16. Enable the ip forwarding function disabled by Redhat by default. Echo "1">/proc/sys/net/ipv4/ip_forward
　　
17. Test mutual access between devices in the same vlan and sub-ports of the Linux router. Test the mutual access between devices in different VLANs through the Linux router. All of the above are my practical experience. Please add the LINUXSIR label before COPY.