
Port based vlan – Amer Networks E5Web GUI User Manual

Page 170

More than one interface on the security gateway can carry VLAN trunk traffic and these will
connect to separate switches. More than one trunk can be configured to carry traffic with the
same VLAN ID.

Note: 802.1ad is not supported

cOS Core does not support the IEEE 802.1ad (provider bridges) standard which allows
VLANs to be run inside other VLANs.

Forwarding DSCP QoS Information

cOS Core forwards the 6 bits which make up the Diffserv Differentiated Services Code Point
(DSCP) from exiting packets into VLANs. This is done by copying the bits into the quality of
service bits in VLAN Ethernet frames and applies only to data leaving Clavister Security
Gateway interfaces.

The Diffserv architecture provides quality of service (QoS) information to devices through which
packets of data pass. Diffserv is discussed further in Section 10.1, “Traffic Shaping”.
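The following is an added example, not part of the manual or of cOS Core. It parses a captured Ethernet frame to show the VLAN ID and the 3 quality of service bits in the 802.1Q tag next to the 6-bit DSCP of the IPv4 packet inside, and it rejects 802.1ad (stacked) tags. The manual does not state how the 6 DSCP bits are reduced to the 3 tag bits, so the parser only reports both values; the function names and the sample frame are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100    # single VLAN tag (IEEE 802.1Q)
TPID_8021AD = 0x88A8   # provider-bridge outer tag (VLAN inside VLAN)
ETHERTYPE_IPV4 = 0x0800


def parse_vlan_frame(frame: bytes) -> dict:
    """Return VLAN ID, tag priority bits and IPv4 DSCP of a tagged frame."""
    if len(frame) < 18:
        raise ValueError("too short for an 802.1Q-tagged Ethernet header")
    # Bytes 12-17: tag protocol ID, tag control info, inner EtherType.
    tpid, tci, ethertype = struct.unpack_from("!HHH", frame, 12)
    if tpid == TPID_8021AD:
        raise ValueError("802.1ad outer tag: stacked VLANs are not supported")
    if tpid != TPID_8021Q:
        raise ValueError(f"frame is not 802.1Q tagged (type 0x{tpid:04x})")
    if ethertype in (TPID_8021Q, TPID_8021AD):
        raise ValueError("second VLAN tag present: stacked VLANs")
    info = {
        "vlan_id": tci & 0x0FFF,    # 12-bit VLAN ID
        "pcp": tci >> 13,           # 3 quality of service (priority) bits
        "dei": (tci >> 12) & 1,     # drop eligible indicator
        "dscp": None,               # filled in for IPv4 payloads only
    }
    if ethertype == ETHERTYPE_IPV4:
        if len(frame) < 18 + 20 or frame[18] >> 4 != 4:
            raise ValueError("truncated or malformed IPv4 header")
        info["dscp"] = frame[19] >> 2   # upper 6 bits of the second header byte
    return info


def build_sample(tpid: int, vlan_id: int, pcp: int, dscp: int) -> bytes:
    """Constructed sample: zeroed MAC addresses and a bare 20-byte IPv4 header."""
    tci = (pcp << 13) | vlan_id
    eth = bytes(12) + struct.pack("!HHH", tpid, tci, ETHERTYPE_IPV4)
    return eth + bytes([0x45, dscp << 2]) + bytes(18)


if __name__ == "__main__":
    print(parse_vlan_frame(build_sample(TPID_8021Q, 10, 5, 46)))
```
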

License Limitations

The number of VLAN interfaces that can be defined for a cOS Core installation is limited by the
parameters of the license used. Some licenses may restrict the total number of VLANs allowed in
a cOS Core installation. License upgrades can be purchased to increase this limit if required.

Summary of VLAN Setup

Below are the key steps for setting up a VLAN interface.

1. Assign a name to the VLAN interface.

2. Select the physical interface for the VLAN.

3. Assign a VLAN ID that is unique on the physical interface.

4. Optionally specify an IP address for the VLAN.

5. Optionally specify an IP broadcast address for the VLAN.

6. Create the required route(s) for the VLAN in the appropriate routing table.

7. Create rules in the IP rule set to allow traffic through on the VLAN interface.

Port Based VLAN

VLANs on the gesw interfaces of the Clavister E7 hardware series are configured
differently from standard cOS Core VLANs and this is described fully in an appendix of
the separate Eagle E7 Getting Started Guide.

The VLAN processing overhead for these gesw interfaces is performed by a switch fabric
that connects these interfaces and not cOS Core. This allows the interfaces to be divided
up into a number of different VLANs. The feature is referred to as Port Based VLAN.

Chapter 3: Fundamentals
