[Tfug] WRT54G (et al.) hacking

Eric Gearhart eric at nixwizard.net
Thu Jun 11 14:29:22 MST 2009


On Thu, Jun 11, 2009 at 10:28 AM, Bexley Hall <bexley401 at yahoo.com> wrote:
>
> And if I run a packet sniffer on any of the ports I won't see ANY
> traffic not designated to be routed to that port??

Yes... the separate logical VLANs create their own, distinct broadcast
domains. If you sniff on port 2 and it's on VLAN 10 and then sniff
port 3 and it's on VLAN 11 they won't see each other's broadcast/ARP
traffic. Don't confuse routing with Layer 2 traffic - the ports that
are assigned different VLANs won't only not see routed traffic, they
won't see each other's Layer 2 traffic as well.

For example - port 2 is in VLAN 100, VLAN 100 is assigned the IP
address range 192.168.100.0/24, and 192.168.100.1 is VLAN 100's
default gateway (and port 2's default gateway because it's assigned to
that VLAN).

Port 4 is assigned VLAN 200, the IP address range 192.168.200.0/24 and
192.168.200.1 is VLAN 200's default gateway (and port 4's default
gateway).

The only thing I'm not entirely sure of is setting the default
gateways on each VLAN in dd-wrt - can dd-wrt do layer 3 switching
(that is, VLANs with default gateway and the switch does the routing?)

I would imagine they can, because setting up a trunk port to a 'real'
router (such as a Cisco 2811) doing 'router on a stick' from a WRT54G
would just be silly...

I can play around with this tonight on the WRT54G I have at the house
if you like.

--
Eric
http://nixwizard.net
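
The per-VLAN broadcast domains described in the message above, as an added example that is not part of the original post and is not dd-wrt code: a small model of a port-based VLAN switch that records what a sniffer on each port would capture. It assumes untagged access ports only (no trunk, no inter-VLAN routing); ports 3 and 5, the MAC addresses and the payload strings are constructed for illustration.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"

class VlanSwitch:
    """Hypothetical model: one VLAN per access port, MAC learning per VLAN."""

    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)      # access port -> VLAN id
        self.mac_table = {}                   # (vlan, mac) -> port
        self.captures = defaultdict(list)     # port -> frames a sniffer there sees

    def receive(self, in_port, src, dst, payload):
        """Process a frame arriving on in_port; return the set of egress ports."""
        vlan = self.port_vlan[in_port]
        self.mac_table[(vlan, src)] = in_port  # learning is scoped to the VLAN
        known = self.mac_table.get((vlan, dst))
        if dst != BROADCAST and known is not None:
            out = {known} - {in_port}
        else:
            # Broadcast or unknown unicast: flood, but only inside the ingress VLAN.
            out = {p for p, v in self.port_vlan.items()
                   if v == vlan and p != in_port}
        for p in out:
            self.captures[p].append((vlan, src, dst, payload))
        return out

def demo():
    # Constructed layout: ports 2 and 3 in VLAN 100, ports 4 and 5 in VLAN 200.
    sw = VlanSwitch({2: 100, 3: 100, 4: 200, 5: 200})
    host2, host3, host4 = ("02:00:00:00:00:02", "02:00:00:00:00:03",
                           "02:00:00:00:00:04")
    # ARP broadcast from the host on port 2 (VLAN 100).
    arp = sw.receive(2, host2, BROADCAST, "ARP who-has 192.168.100.1")
    # Host on port 4 (VLAN 200) addresses a MAC that only exists in VLAN 100.
    unknown = sw.receive(4, host4, host3, "unicast to a VLAN 100 MAC")
    # Host on port 3 answers host2; the switch has already learned host2 on port 2.
    reply = sw.receive(3, host3, host2, "ARP reply")
    return sw, arp, unknown, reply

if __name__ == "__main__":
    sw, arp, unknown, reply = demo()
    print("ARP broadcast from port 2 egresses:", sorted(arp))
    print("unknown unicast from port 4 egresses:", sorted(unknown))
    print("reply from port 3 egresses:", sorted(reply))
    for port in sorted(sw.port_vlan):
        print(f"sniffer on port {port}:", sw.captures[port])
```
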



