VLAN: Difference between revisions

From Alpine Linux
No edit summary
m (→‎Configuration: Fixed second example config. (address and netmask CANNOT be combined))
 
(15 intermediate revisions by 8 users not shown)
Line 1: Line 1:
This article shows how to configure a network interface as an IEEE 802.1q VLAN trunk.
This article shows how to configure a network interface as an IEEE 802.1q VLAN trunk.


{{Note| Alpine Linux v2.4 or later is required}}
__TOC__
 
==Installation==
==Installation==
First, install the ''vlan'' package. This will give you support for vlans in the ''/etc/network/interfaces'' file.
First, install the ''vlan'' package. This will give you support for VLANs in the {{path|/etc/network/interfaces}} file.
{{Cmd|apk add vlan}}
{{Cmd|apk add {{pkg|vlan|arch=}}}}


==Configuration==
==Configuration==
Edit the ''/etc/network/interfaces'' file:
Edit the {{path|/etc/network/interfaces}} file:
<pre>
<pre>
auto eth0.8
auto eth0.8
Line 14: Line 15:
netmask 255.255.255.0
netmask 255.255.255.0
gateway 192.168.0.1
gateway 192.168.0.1
vlan-raw-device eth0
vlan_id 8
</pre>
</pre>
With the ''vlan'' package installed ifup will find the trailing .8 in eth0.8 and will create a vlan interface with vid 8 over eth0.
With the ''vlan'' package installed, {{ic|ifup}} will find the trailing .8 in eth0.8 and will create a VLAN interface with vid 8 over eth0.


Alternative with vlan8 over eth0:
Alternatively with vlan8 over eth0:
<pre>
<pre>
auto vlan8
auto vlan8
Line 27: Line 31:
</pre>
</pre>


In those examples a static ip address was used but it works with dhcp as well.
A static IP address was used in the examples shown above, but DHCP can be used as well.


== Example with vlans over bonding ==
== Example with bridges associated with VLANs over bonding with differing MTUs on the various VLANs ==
In this example we will [[Bonding|bond]] eth1 and eth2 interfaces and create vlan trunks with vid 8, 64 and 96. The gateway (ISP) is on eth0.
This serves as an example of some of the more complicated networking possible. Particularly, this would work well for a hypervisor attached to a dedicated storage VLAN. Less complicated implementations can be achieved by merely removing the non-applicable parts.
<pre>
<pre>
auto eth0
auto lo
iface eth0 inet dhcp
iface lo inet loopback


auto bond0
auto bond0
# use manual because the bond0 interface should not have any ip.
  iface bond0 inet manual
iface bond0 inet manual
  bond_slaves eth0 eth1
bond-slaves eth1 eth2
  bond_mode 802.3ad
# bring up the vlans with 'ifup bond0'
  bond_miimon 100
up ifup bond0.8
  bond_xmit_hash_policy layer2+3
up ifup bond0.64
  post-up ip link set dev bondi0 mtu 9000
up ifup bond0.96
 
iface bond0.1
 
auto br1
iface br1
  address 192.168.1.196/24
  gateway 192.168.1.1
  bridge_ports bond0.1
  bridge_stp off
  bridge_fd 0.0
  post-up ip link set dev bond0.1 mtu 1500
 
iface bond0.10 inet manual
 
auto br10
  iface br10 inet static
  address 192.168.10.1/24
  bridge_ports bond0.10
  bridge_stp off
  bridge_fd 0.0
</pre>
 
== Example with two interfaces on the same adapter. One with VLAN and one without ==
 
Since Linux doesn't allow multiple default gateways we need to use a second routing table using iproute2


down ifdown bond0.96
{{Cmd|apk add {{pkg|iproute2|arch=}}}}
down ifdown bond0.64
down ifdown bond0.8


# no auto since ifup bond0 will bring this up
Then we'll add two new routing tables to the config file. One for each network
iface bond0.8 inet static
 
address 10.65.8.1
{{Cmd|echo "1 rt1" >> /etc/iproute2/rt_tables;echo "2 rt2" >> /etc/iproute2/rt_tables;}}
netmask 255.255.255.0
 
Now we need to edit {{path|/etc/network/interfaces}}
 
<pre>
auto lo
iface lo inet loopback


iface bond0.64 inet static
# the native interface without a VLAN (also called untagged)
address 10.65.64.1
netmask 255.255.255.0


iface bond0.96 inet static
auto eth0
address 10.65.96.1
iface eth0
netmask 255.255.255.0
        address 192.168.1.100/24
        gateway 192.168.1.1
        post-up ip route add 192.168.1.0/24 dev eth0 src 192.168.1.100 table rt1
        post-up ip route add default via 192.168.1.1 dev eth0 table rt1 # the actual gateway for this interface
        post-up ip rule add from 192.168.1.100/32 table rt1
        post-up ip rule add to 192.168.1.100/32 table rt1


# second interface with the vlan tag 5
auto eth0.5
iface eth0.5
    address 192.168.5.100/24
    post-up ip route add 192.168.5.0/24 dev eth0.5 src 192.168.5.100 table rt2
    post-up ip route add default via 192.168.5.1 dev eth0.5 table rt2 # the actual gateway for this interface
    post-up ip rule add from 192.168.5.100/32 table rt2
    post-up ip rule add to 192.168.5.100/32 table rt2
</pre>
</pre>
Note that if you want to add a third interface this way, you'll have to add another routing table


[[Category:Networking]]
[[Category:Networking]]

Latest revision as of 18:59, 29 January 2024

This article shows how to configure a network interface as an IEEE 802.1q VLAN trunk.

Installation

First, install the vlan package. This will give you support for VLANs in the /etc/network/interfaces file.

apk add vlan

Configuration

Edit the /etc/network/interfaces file: 

auto eth0.8
iface eth0.8 inet static
	address 192.168.0.2
	netmask 255.255.255.0
	gateway 192.168.0.1
	vlan-raw-device eth0
	vlan_id 8

With the vlan package installed, ifup will find the trailing .8 in eth0.8 and will create a VLAN interface with vid 8 over eth0.

Alternatively with vlan8 over eth0: 

auto vlan8
iface vlan8 inet static
	address 192.168.0.2
	netmask 255.255.255.0
	gateway 192.168.0.1
	vlan-raw-device eth0

A static IP address was used in the examples shown above, but DHCP can be used as well.

Example with bridges associated with VLANs over bonding with differing MTUs on the various VLANs

This serves as an example of some of the more complicated networking possible. Particularly, this would work well for a hypervisor attached to a dedicated storage VLAN. Less complicated implementations can be achieved by merely removing the non-applicable parts. 

auto lo
iface lo inet loopback

auto bond0
  iface bond0 inet manual
  bond_slaves eth0 eth1
  bond_mode 802.3ad
  bond_miimon 100
  bond_xmit_hash_policy layer2+3
  post-up ip link set dev bondi0 mtu 9000

iface bond0.1

auto br1
iface br1
  address 192.168.1.196/24
  gateway 192.168.1.1
  bridge_ports bond0.1
  bridge_stp off
  bridge_fd 0.0
  post-up ip link set dev bond0.1 mtu 1500

iface bond0.10 inet manual

auto br10
  iface br10 inet static
  address 192.168.10.1/24
  bridge_ports bond0.10
  bridge_stp off
  bridge_fd 0.0

Example with two interfaces on the same adapter. One with VLAN and one without

Since Linux doesn't allow multiple default gateways we need to use a second routing table using iproute2

apk add iproute2

Then we'll add two new routing tables to the config file. One for each network

echo "1 rt1" >> /etc/iproute2/rt_tables;echo "2 rt2" >> /etc/iproute2/rt_tables;

Now we need to edit /etc/network/interfaces 

auto lo
iface lo inet loopback

# the native interface without a VLAN (also called untagged)

auto eth0
iface eth0
        address 192.168.1.100/24
        gateway 192.168.1.1
        post-up ip route add 192.168.1.0/24 dev eth0 src 192.168.1.100 table rt1
        post-up ip route add default via 192.168.1.1 dev eth0 table rt1 # the actual gateway for this interface
        post-up ip rule add from 192.168.1.100/32 table rt1
        post-up ip rule add to 192.168.1.100/32 table rt1

# second interface with the vlan tag 5
auto eth0.5
iface eth0.5
    address 192.168.5.100/24
    post-up ip route add 192.168.5.0/24 dev eth0.5 src 192.168.5.100 table rt2
    post-up ip route add default via 192.168.5.1 dev eth0.5 table rt2 # the actual gateway for this interface
    post-up ip rule add from 192.168.5.100/32 table rt2
    post-up ip rule add to 192.168.5.100/32 table rt2

Note that if you want to add a third interface this way, you'll have to add another routing table

Retrieved from "https://wiki.alpinelinux.org/w/index.php?title=VLAN&oldid=26359"