tagging, basic routing
This commit is contained in:
parent
222bbd4812
commit
ec997ed81c
1 changed files with 39 additions and 12 deletions
49
index.html
49
index.html
|
@ -96,7 +96,8 @@
|
|||
<p class="fragment">Ethernet layer</p>
|
||||
<p class="fragment">Designed to limit broadcast storms</p>
|
||||
<p class="fragment">Can also separate IP networks on the same Ethernet</p>
|
||||
<p class="fragment">Tagged and Untagged or Default</p>
|
||||
<p class="fragment">Tagged and Untagged/Default</p>
|
||||
<p class="fragment">IEEE 802.1Q</p>
|
||||
<aside class="notes">
|
||||
<p>beware of strange implementations, windows seems to take Router Advertisements from all vlans, regardless of tag</p>
|
||||
</section>
|
||||
|
@ -106,14 +107,24 @@
|
|||
ip link add link enp0s2 name enp0s2.2501 vlan id 2501
|
||||
ip -6 addr add 2001:db8:2501::10/64 dev enp0s2.2501
|
||||
ip link set dev enp0s2.2501 up
|
||||
</code>
|
||||
</pre>
|
||||
</section>
|
||||
|
||||
<section><h2>VLANs in linux</h2>
|
||||
<p>Various different methods of making it go in different distributions</p>
|
||||
<p class="fragment">Debian: in /etc/network/interfaces</p>
|
||||
<pre class="fragment"><code data-trim data-noescape>
|
||||
auto enp1s0.2502
|
||||
iface enp1s0.2502 inet dhcp
|
||||
iface enp1s0.2502 inet6 auto
|
||||
</code>
|
||||
</pre>
|
||||
<p class="fragment">OpenWRT has a nice GUI</p>
|
||||
|
||||
|
||||
<aside class="notes">
|
||||
<p>OpenWRT: can also use the hardware present on most hardware routers to assign vlans to specific ports</p>
|
||||
</section>
|
||||
|
||||
<section><h2>What even is a router?</h2>
|
||||
<p class="fragment">Two or more interfaces</p>
|
||||
|
@ -121,18 +132,19 @@
|
|||
<aside class="notes">
|
||||
<p>Not necessarily physical</p>
|
||||
<p>Sounds simple right?</p>
|
||||
</aside>
|
||||
</section>
|
||||
|
||||
<section><h2>Linux Routing</h2>
|
||||
<pre class="fragment"><code data-trim data-noescape>
|
||||
net.ipv4.ip_forward = 1
|
||||
net.ipv6.conf.all.forwarding = 1
|
||||
net.ipv6.conf.default.forwarding = 1
|
||||
net.ipv4.ip_forward = 1
|
||||
net.ipv6.conf.all.forwarding = 1
|
||||
net.ipv6.conf.default.forwarding = 1
|
||||
</code>
|
||||
</pre>
|
||||
<p class="fragment">And we're done!</p>
|
||||
<p class="fragment">Yeah, not really :)</p>
|
||||
</section>
|
||||
</section>
|
||||
|
||||
<section><h2>Static Routes!</h2>
|
||||
<p>Manually added, or scripted routes that don't change</p>
|
||||
|
@ -142,6 +154,23 @@ net.ipv6.conf.default.forwarding = 1
|
|||
</pre>
|
||||
</section>
|
||||
|
||||
<section><h2>Static Routes!</h2>
|
||||
<p>Harking back to our vlan</p>
|
||||
<pre><code data-trim data-noescape>
|
||||
ip -6 route add 2001:db8:2501::/64 via 2001:db8:2500::1 dev enp0s1
|
||||
</code>
|
||||
</pre>
|
||||
<aside class="notes">
|
||||
<p>As you can imagine this quickly becomes unwieldy with expanding networks</p>
|
||||
</aside>
|
||||
</section>
|
||||
|
||||
<section><h2>Enter dynamic routes</h2>
|
||||
<p>Discovering routes to other networks</p>
|
||||
<p>Add them to the kernel routing table</p>
|
||||
<p>OSPF: RFC5430, RFC2328</p>
|
||||
</section>
|
||||
|
||||
<section><h2>What I'm assuming we're familiar with</h2>
|
||||
<p>Diagram showing standard leaf node of a network with a bit cloud containg "The rest of the org"</p>
|
||||
</section>
|
||||
|
@ -187,18 +216,16 @@ net.ipv6.conf.default.forwarding = 1
|
|||
<section><h2>Bonus homework</h2>
|
||||
<p>Why did I use 2001::db8::/32?</p>
|
||||
<p>Why did I use /64s?</p>
|
||||
<p>something ansible?</p>
|
||||
<p>DSA is relatively new, nicer way if interacting with actual switch hardware</p>
|
||||
<p>I highly recommend going through KNorrie's network examples: <a href="https://github.com/knorrie/network-examples">https://github.com/knorrie/network-examples</a></p>
|
||||
</section>
|
||||
|
||||
<section><h2>Resources</h2>
|
||||
<p>These slides: <a href="https://gitea.pwarren.id.au/pwarren/SysAdmin2022">https://gitea.pwarren.id.au/pwarren/SysAdmin2022</a></p>
|
||||
<p>bird: <a href="https://bird.network.cz/">https://bird.network.cz</a></p>
|
||||
<p>KNorrie's network examples: <a href="https://github.com/knorrie/network-examples">https://github.com/knorrie/network-examples</a></p>
|
||||
<p>Openwrt: <a href="https://openwrt.org">https://openwrt.org/</a></p>
|
||||
<p>The OpenWRT IRC channel, currently on the OFTC network</p>
|
||||
<p>BenEater's <a href="https://www.youtube.com/watch?v=-wMU8vmfaYo">"Why was facebook down for five hours" </a>
|
||||
</p>
|
||||
<p>BenEater's <a href="https://www.youtube.com/watch?v=-wMU8vmfaYo">"Why was facebook down for five hours" </a></p>
|
||||
<p>802.1Q: <a href="https://www.ieee802.org/1/pages/802.1Q-2014.html" /></p>
|
||||
</section>
|
||||
</div>
|
||||
</div>
|
||||
|
|
Loading…
Reference in a new issue