3

In order to divide incoming traffic I use the "ip link" command:

ip link add link eno1 name eno1.vlan10 type vlan id 10

I want to do the same for a network range, so that I have a named interface for customer network A, or customer network B.

Is there any way I can specify such a sub interface, which logically divides the incoming traffic based on the expression of a network range instead of a vlan id? I am also trying to figure out how to use multiple vlan ids at once.

I could use iptables but that is much too slow. This is high speed (40 Gbit) link. I'd rather linke a iproute/netctl based approach, which performs better. IPtables are not supposed to do something like this.

Jeff Schaller
  • 66,199
  • 35
  • 114
  • 250
JojoMa
  • 31
  • 2
  • Maybe questions about 40-GBit hardware optimizations are more suitable on Serverfault. You should not ask the question there again but ask the moderators here to migrate it there. – Hauke Laging Feb 03 '15 at 06:49
  • it's not about a hardware optimization but about using standard linux tools (iproue2) to split traffic. Common dirty ticks like iptables cannot work, and are not supposed to do this. – JojoMa Feb 03 '15 at 20:33
  • You should check if [VRF interfaces](https://www.kernel.org/doc/Documentation/networking/vrf.txt) are doing what you're looking after (but the user being "unregistered" I doubt this 4 years late comment will ever be read). VRF was added after this question was asked: Linux 4.3 has been released on 1 Nov 2015. [Virtual Routing and Forwarding (Lite) support](https://kernelnewbies.org/Linux_4.3#Virtual_Routing_and_Forwarding_.28Lite.29_support). "The VRF device is thus the layer3 equivalent of a vlan device.". Never used it so I will not make an answer with something I don't really know. – A.B Jun 16 '19 at 17:33

0 Answers0