VLANs bits

This commit is contained in:
Paul Warren 2021-11-23 19:13:24 +11:00
parent 303bd1d372
commit 222bbd4812

View file

@ -76,11 +76,12 @@
<section><h2>Layers!</h2> <section><h2>Layers!</h2>
<p class="fragment">Like an onion!</p> <p class="fragment">Like an onion!</p>
<p class="fragment">That 7 layer thing from the OSI</p> <p class="fragment">That 7 layer thing from the OSI</p>
<p class="fragment">Ethernet -> IP -> ICMP/TCP/UDP</p>
<p class="fragment">Administrative overlays</p> <p class="fragment">Administrative overlays</p>
<p class="fragment">VPNs and Tunnels</p> <p class="fragment">VPNs and Tunnels</p>
<aside class="notes"> <aside class="notes">
<p>or a parfait</p> <p>or a parfait</p>
<p>which you can mostly ignore, as what we have doesn't conform to it. But it does provide a good framework for assisting understanding</p> <p>which you can mostly ignore, as what we generally use doesn't conform to it. But it does provide a good framework for assisting understanding</p>
<p>Like firewalls, web-proxies/SSL MITM, But also access rights etc</p> <p>Like firewalls, web-proxies/SSL MITM, But also access rights etc</p>
</section> </section>
@ -90,24 +91,31 @@
<p class="fragment">For the purposes of this talk, we can ignore a lot of complexity</p> <p class="fragment">For the purposes of this talk, we can ignore a lot of complexity</p>
</section> </section>
<section><h2>An easy one</h2> <section><h2>An easy one!</h2>
<p>VLANS</p> <p>VLANS</p>
<p class="fragment">Ethernet layer</p> <p class="fragment">Ethernet layer</p>
<p class="fragment">Designed to limit broadcast storms</p> <p class="fragment">Designed to limit broadcast storms</p>
<p class="fragment">Can also separate IP networks on the same Ethernet</p> <p class="fragment">Can also separate IP networks on the same Ethernet</p>
<p class="fragment">Tagged and Untagged or Default</p> <p class="fragment">Tagged and Untagged or Default</p>
<aside class="notes"> <aside class="notes">
<p>beware of <p>beware of strange implementations, windows seems to take Router Advertisements from all vlans, regardless of tag</p>
</section> </section>
<section><h2>VLANs in linux</h2> <section><h2>VLANs in linux</h2>
<p>Are pretty easy!</p> <p>Are pretty easy!</p>
<pre class="fragment">code data-trim data-noescape> <pre class="fragment"><code data-trim data-noescape>
ip link add link enp0s2 name enp0s2.2501 vlan id 2501 ip link add link enp0s2 name enp0s2.2501 vlan id 2501
ip -6 addr add 2001:db8:2501::10/64 dev enp0s2.2501 ip -6 addr add 2001:db8:2501::10/64 dev enp0s2.2501
ip link set dev enp0s2.2501 up ip link set dev enp0s2.2501 up
</pre> </pre>
</section>
<section><h2>What even is a router?</h2> <section><h2>VLANs in linux</h2>
<p>Various different methods of making it go in different distributions</p>
<pre class="fragment"><code data-trim data-noescape>
<section><h2>What even is a router?</h2>
<p class="fragment">Two or more interfaces</p> <p class="fragment">Two or more interfaces</p>
<p class="fragment">Some logic to determine where a packet goes</p> <p class="fragment">Some logic to determine where a packet goes</p>
<aside class="notes"> <aside class="notes">