Defining A Vlan - D-Link NetDefend DFL-210 User Manual

3.3.3. VLAN
The number of VLAN interfaces that can be defined for a NetDefendOS installation is limited by
the parameters of the license used. Different hardware models have different licenses and different
limits on VLANs.
Summary of VLAN Setup
It is important to understand that the administrator should treat a VLAN interface just like a physical
interface in that they require at least IP rules and routes to be defined in order to function. If, for
instance, no Allow rule is defined in the IP rule set for a VLAN interface then packets arriving on
that interface will be dropped. Below are the key steps for setting up a VLAN interface.
1. Assign a name to the VLAN interface.
2. Select the physical interface for the VLAN.
3. Assign a VLAN ID that is unique on the physical interface.
4. Optionally specify an IP address for the VLAN.
5. Optionally specify an IP broadcast address for the VLAN.
6. Create the required route(s) for the VLAN in the appropriate routing table.
7. Create rules in the IP rule set to allow traffic through on the VLAN interface.
Example 3.11. Defining a VLAN
This simple example defines a virtual LAN called VLAN10 with a VLAN ID of 10. Note that this Virtual LAN
interface will use the IP address of the corresponding Ethernet interface, as no IP address is specified.
Command-Line Interface
gw-world:/> add Interface VLAN VLAN10 Ethernet=lan
Web Interface
1. Go to Interfaces > VLAN > Add > VLAN
2. Enter a suitable name for the VLAN, in this case VLAN10
3. Now enter:
• Interface: lan
• VLAN ID: 10
4. Click OK
VLAN advanced settings
There is a single advanced setting for VLAN:
Unknown VLAN Tags
What to do with VLAN packets tagged with an unknown ID.
Network=all-nets VLANID=10
94
Chapter 3. Fundamentals