VLAN: Difference between revisions
Prabuanand (talk | contribs) (updated page based on confirmation from Ariadne on IRC #alpine-devel on 2025-06-03 16:36:23 and old changes made by ikke) |
|||
| (13 intermediate revisions by 6 users not shown) | |||
| Line 1: | Line 1: | ||
This article shows how to configure a network interface as an IEEE 802.1q VLAN trunk. | This article shows how to configure a network interface as an IEEE 802.1q VLAN trunk. [[Ifupdown-ng]] includess a [https://github.com/ifupdown-ng/ifupdown-ng/blob/main/executor-scripts/linux/link link executor script] to support VLANs configured in the {{path|/etc/network/interfaces}} file. | ||
__TOC__ | __TOC__ | ||
==Installation== | ==Installation== | ||
==Configuration== | In the previous versions of Alpine Linux, support for vlan was provided by the {{pkg|vlan|arch=}} package instead of [[Ifupdown-ng]], as busybox-ifupdown lacked necessary features. Installing the {{pkg|vlan|arch=}} package will result in the removal of {{pkg|ifupdown-ng}} package and prevent your network from being configured/working properly. | ||
== Configuration == | |||
auto eth0.8 | |||
iface eth0.8 | All the configuration on this page assumes [[Ifupdown-ng]] is being used. | ||
address 192.168.0.2 | |||
{{Note| If [[ifupdown-ng]] is not available/used, use {{ic|iface eth0.8 inet static}} instead of {{ic|iface eth0.8}} and use below address format for IPv4 instead of '''203.0.113.2/24 ''' :{{Cat|/etc/network/interfaces|address 203.0.113.2 | |||
netmask 255.255.255.0}}}} | |||
Edit the {{path|/etc/network/interfaces}} file as follows:{{Cat|/etc/network/interfaces|auto eth0.8 | |||
iface eth0.8 | |||
address 192.168.0.2/24 | |||
gateway 192.168.0.1 | gateway 192.168.0.1 | ||
vlan-raw-device eth0 | |||
vlan_id 8}} | |||
The command {{ic|ifup}} will find the trailing .8 in eth0.8 and will create a VLAN interface with vid 8 over eth0. | |||
auto vlan8 | Alternatively with vlan8 over eth0:{{Cat|/etc/network/interfaces|auto vlan8 | ||
iface vlan8 | iface vlan8 | ||
address 192.168.0.2 | address 192.168.0.2/24 | ||
gateway 192.168.0.1 | gateway 192.168.0.1 | ||
vlan-raw-device eth0 | vlan-raw-device eth0}} | ||
A static | A static IP address was used in the examples shown above, but DHCP can be used as well. | ||
== Example with bridges associated with VLANs over bonding with differing MTUs on the various VLANs == | == Example with bridges associated with VLANs over bonding with differing MTUs on the various VLANs == | ||
This serves as an example of some of the more complicated networking possible. Particularly, this would work well for a hypervisor attached to a dedicated storage VLAN. Less complicated implementations can be achieved by merely removing the non-applicable parts | |||
This serves as an example of some of the more complicated networking possible. Particularly, this would work well for a hypervisor attached to a dedicated storage VLAN. Less complicated implementations can be achieved by merely removing the non-applicable parts as follows:{{Cat|/etc/network/interfaces|auto lo | |||
auto lo | |||
iface lo inet loopback | iface lo inet loopback | ||
auto bond0 | auto bond0 | ||
iface bond0 inet manual | iface bond0 inet manual | ||
bond_slaves eth0 eth1 | bond_slaves eth0 eth1 | ||
bond_mode 802.3ad | bond_mode 802.3ad | ||
bond_miimon 100 | bond_miimon 100 | ||
bond_xmit_hash_policy layer2+3 | bond_xmit_hash_policy layer2+3 | ||
post-up ip link set dev | post-up ip link set dev bondi0 mtu 9000 | ||
iface bond0.1 | iface bond0.1 | ||
auto br1 | auto br1 | ||
iface br1 | iface br1 | ||
address 192.168.1.196 | address 192.168.1.196/24 | ||
gateway 192.168.1.1 | |||
gateway 192.168.1.1 | bridge_ports bond0.1 | ||
bridge_ports bond0.1 | bridge_stp off | ||
bridge_stp off | bridge_fd 0.0 | ||
bridge_fd 0.0 | post-up ip link set dev bond0.1 mtu 1500 | ||
post-up ip link set dev bond0.1 mtu 1500 | |||
iface bond0.10 inet manual | iface bond0.10 inet manual | ||
auto br10 | auto br10 | ||
iface br10 | iface br10 | ||
address 192.168.10.1 | address 192.168.10.1/24 | ||
bridge_ports bond0.10 | |||
bridge_ports bond0.10 | bridge_stp off | ||
bridge_stp off | bridge_fd 0.0}} | ||
bridge_fd 0.0 | |||
== Example with two interfaces on the same adapter. One with VLAN and one without == | |||
Since Linux doesn't allow multiple default gateways we need to use a second routing table using iproute2:{{Cmd|apk add {{pkg|iproute2|arch=}}}} | |||
Then we'll add two new routing tables to the config file. One for each network:{{Cmd|echo "1 rt1" >> /etc/iproute2/rt_tables;echo "2 rt2" >> /etc/iproute2/rt_tables;}} | |||
Now we need to edit the file {{path|/etc/network/interfaces}} as follow {{Cat|/etc/network/interfaces|auto lo | |||
iface lo inet loopback | |||
# the native interface without a VLAN (also called untagged) | |||
auto eth0 | |||
iface eth0 | |||
address 192.168.1.100/24 | |||
gateway 192.168.1.1 | |||
post-up ip route add 192.168.1.0/24 dev eth0 src 192.168.1.100 table rt1 | |||
post-up ip route add default via 192.168.1.1 dev eth0 table rt1 # actual gateway for this interface | |||
post-up ip rule add from 192.168.1.100/32 table rt1 | |||
post-up ip rule add to 192.168.1.100/32 table rt1 | |||
# second interface with the vlan tag 5 | |||
auto eth0.5 | |||
iface eth0.5 | |||
address 192.168.5.100/24 | |||
post-up ip route add 192.168.5.0/24 dev eth0.5 src 192.168.5.100 table rt2 | |||
post-up ip route add default via 192.168.5.1 dev eth0.5 table rt2 # actual gateway for this interface | |||
post-up ip rule add from 192.168.5.100/32 table rt2 | |||
post-up ip rule add to 192.168.5.100/32 table rt2}} | |||
Note that if you want to add a third interface this way, you'll have to add another routing table. | |||
== See also == | |||
*[[Configure Networking|Main Networking page]] | |||
*[https://github.com/ifupdown-ng/ifupdown-ng/blob/main/doc/interfaces-vxlan.scd VXLAN manual for Ifupdown-ng] | |||
[[Category:Networking]] | [[Category:Networking]] | ||
Latest revision as of 17:27, 3 June 2025
This article shows how to configure a network interface as an IEEE 802.1q VLAN trunk. Ifupdown-ng includess a link executor script to support VLANs configured in the /etc/network/interfaces file.
Installation
In the previous versions of Alpine Linux, support for vlan was provided by the vlan package instead of Ifupdown-ng, as busybox-ifupdown lacked necessary features. Installing the vlan package will result in the removal of ifupdown-ng package and prevent your network from being configured/working properly.
Configuration
All the configuration on this page assumes Ifupdown-ng is being used.
Note: If ifupdown-ng is not available/used, use
iface eth0.8 inet static instead of iface eth0.8 and use below address format for IPv4 instead of 203.0.113.2/24 :Contents of /etc/network/interfaces
address 203.0.113.2
netmask 255.255.255.0
Edit the /etc/network/interfaces file as follows:
Contents of /etc/network/interfaces
auto eth0.8
iface eth0.8
address 192.168.0.2/24
gateway 192.168.0.1
vlan-raw-device eth0
vlan_id 8
The command ifup will find the trailing .8 in eth0.8 and will create a VLAN interface with vid 8 over eth0.
Alternatively with vlan8 over eth0:
Contents of /etc/network/interfaces
auto vlan8
iface vlan8
address 192.168.0.2/24
gateway 192.168.0.1
vlan-raw-device eth0
A static IP address was used in the examples shown above, but DHCP can be used as well.
Example with bridges associated with VLANs over bonding with differing MTUs on the various VLANs
This serves as an example of some of the more complicated networking possible. Particularly, this would work well for a hypervisor attached to a dedicated storage VLAN. Less complicated implementations can be achieved by merely removing the non-applicable parts as follows:
Contents of /etc/network/interfaces
auto lo
iface lo inet loopback
auto bond0
iface bond0 inet manual
bond_slaves eth0 eth1
bond_mode 802.3ad
bond_miimon 100
bond_xmit_hash_policy layer2+3
post-up ip link set dev bondi0 mtu 9000
iface bond0.1
auto br1
iface br1
address 192.168.1.196/24
gateway 192.168.1.1
bridge_ports bond0.1
bridge_stp off
bridge_fd 0.0
post-up ip link set dev bond0.1 mtu 1500
iface bond0.10 inet manual
auto br10
iface br10
address 192.168.10.1/24
bridge_ports bond0.10
bridge_stp off
bridge_fd 0.0
Example with two interfaces on the same adapter. One with VLAN and one without
Since Linux doesn't allow multiple default gateways we need to use a second routing table using iproute2:
apk add iproute2
Then we'll add two new routing tables to the config file. One for each network:
echo "1 rt1" >> /etc/iproute2/rt_tables;echo "2 rt2" >> /etc/iproute2/rt_tables;
Now we need to edit the file /etc/network/interfaces as follow
Contents of /etc/network/interfaces
auto lo
iface lo inet loopback
# the native interface without a VLAN (also called untagged)
auto eth0
iface eth0
address 192.168.1.100/24
gateway 192.168.1.1
post-up ip route add 192.168.1.0/24 dev eth0 src 192.168.1.100 table rt1
post-up ip route add default via 192.168.1.1 dev eth0 table rt1 # actual gateway for this interface
post-up ip rule add from 192.168.1.100/32 table rt1
post-up ip rule add to 192.168.1.100/32 table rt1
# second interface with the vlan tag 5
auto eth0.5
iface eth0.5
address 192.168.5.100/24
post-up ip route add 192.168.5.0/24 dev eth0.5 src 192.168.5.100 table rt2
post-up ip route add default via 192.168.5.1 dev eth0.5 table rt2 # actual gateway for this interface
post-up ip rule add from 192.168.5.100/32 table rt2
post-up ip rule add to 192.168.5.100/32 table rt2
Note that if you want to add a third interface this way, you'll have to add another routing table.