InterVLAN Routing using CentOS with 1 Interface

Scenario:
  • Router: CentOS Server with 1 network card.
  • Clients: 2 WindowsXP in VLAN10,1 Ubuntu and 1 CentOS in VLAN20.
  • Switch: Cisco 2960
Cisco 2960 Switch Configuration:
interface FastEthernet0/1
description CONNECTED TO CentOS ROUTER
switchport mode trunk
!
!
!
interface FastEthernet0/5
description WINXP-1
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/6
description WINXP-2
switchport access vlan 10
switchport mode access
!
!
!
interface FastEthernet0/15
description UBUNTU CLIENT
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/16
description CentOS CLIENT
switchport access vlan 20
switchport mode access
CentOS Router Configuration:

First, we need to disable the SELinux:

sudo nano /etc/selinux/config

Change SELINUX from enforcing to disabled:

To configure the base interface(in my case, eth0):

sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0

It should have at least the following elements:

DEVICE=eth0 
BOOTPROTO=none   #if it didn’t work then use static
ONBOOT=yes 
TYPE=Ethernet

To setup a VLAN10, on eth0, then we should create a file ifcfg-vlan10 inside /etc/sysconfig/network-scripts/:

ifcfg-vlan10 should have following elements:

Again to setup a VLAN20, on eth0, then we should create a file ifcfg-vlan20 inside /etc/sysconfig/network-scripts/:

ifcfg-vlan20 should have following elements:

To enable ip forwarding, edit /etc/sysctl.conf file:

sudo nano /etc/sysctl.conf

Change net.ipv4.ip_forward from 0 to 1:

Restart the Networking service:

sudo service network restart

Use the ifconfig command to check the newly created vlan interfaces:

ifconfig

To forward the traffic between the vlans, we should configure the iptables:

sudo nano /etc/sysconfig/iptables

Add these two lines (place them according to your iptables file configuration):

-A FORWARD -i vlan10 -o vlan20 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i vlan20 -o vlan10 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

Test from WinXP-1:

Test from WinXP-2:

Test from Ubuntu Client:

Test from CentOS Client:

 

Hope this will help you!

 

Please Remember me in your prayers!


About these ads

3 responses to “InterVLAN Routing using CentOS with 1 Interface

  1. Prasad August 26, 2013 at 3:31 pm

    Hi Very nice post…

    I followed the steps mentioned but have a problem.

    I have 2 interfaces, eth0 and eth1.

    I have configured 2 VLAN interfaces eth0.20 and eth0.30 as
    #file: ifcfg-vlan120
    #————-
    VLAN=yes
    DEVICE=vlan120
    PHYSDEV=eth0
    VLAN_NAME_TYPE=VLAN_PLUS_VID_NO_PAD
    TYPE=Ethernet
    ONBOOT=yes
    NM_CONTROLLED=no
    BOOTPROTO=static
    IPADDR=192.168.120.1
    NETMASK=255.255.255.0

    #file: ifcfg-vlan130
    #————-
    VLAN=yes
    DEVICE=vlan130
    PHYSDEV=eth0
    VLAN_NAME_TYPE=VLAN_PLUS_VID_NO_PAD
    TYPE=Ethernet
    ONBOOT=yes
    NM_CONTROLLED=no
    BOOTPROTO=static
    IPADDR=192.168.130.1
    NETMASK=255.255.255.0

    #file: ifcfg-eth0
    #————
    DEVICE=eth0
    HWADDR=00:90:FB:31:ED:5E
    ONBOOT=yes
    BOOTPROTO=none
    TYPE=Ethernet

    I have connected a desktop(Fedora) to eth0 using a LAN cable with ip 192.168.130.2/24 I am not able to access VLAN host (192.168.130.2) from VLAN server (192.168.130.1) Please help me resolving this issue.

    Thank You,
    Prasad

  2. Rakesh December 19, 2014 at 11:20 am

    nice post everything is perfect. but when i connect dhcp server in vlan dhcp server not assign ip address to other vlan. i am so tired. pls help me as soon as possible.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 124 other followers

%d bloggers like this: