Ethernet networks can be partitioned into multiple distinct broadcast domains using VLANs. VLAN domains are mutually isolated. Whenever a hosts in one VLAN domain needs to communicate with a hosts in another VLAN domain, the traffic must be routed between the two domains. This is known as inter-VLAN routing.
This document provides a VLAN configuration example for a small network split into two separate VLAN domains: SALES and ENGINEERING. The backbone consists of two VLAN bridges connected by a VLAN trunk. I will use a Linux-based router, RCPlive, connected to the trunk to provide routing between the two VLAN domains and the outside world. On the router I will also enable a number of services such as DHCP and stateful firewall.
Software-based routers have always played a role in the Internet, and are becoming increasingly important in data centers due to the convergence of video, mobile, and cloud services. Data traffic no longer moves simply from the subscriber into the network and then out again. Instead, most of the traffic is located inside the data center between various application servers within the network.
All this traffic can be routed easily using software-based routers running on commodity PC hardware. Such a router looks like just another server in the data center, and most of the time it is implemented using open-source software. The availability of the source code and the right to modify the software enables the unlimited tuning and optimization of the network traffic.
This article describes how to set up RCP100 routing suite on a Debian 7 computer. RCP100 is a full OSPF/RIP router for Linux. It works on 64bit computers, it is licensed under GPL, and it is actively developed.
The computer I am setting up has two Ethernet interfaces, eth0 (192.168.20.20) and eth1 (10.1.10.1), and it is meant to connect a small private network segment (10.1.10.0/24) to the larger public network. To isolate the private network, I configure Network Address Translation on the router and enable the firewall. Computers on the private network are assigned IP addresses using DHCP. The router also provides NTP and DNS proxy services.