Configuring VLANs Under Fedora/RHEL/CentOS

18 Jun
2007

The configuration of VLANs under FC/RHEL/CentOS is something for which I always end up looking in the «ifup» script and experimenting around. This is made worse by there being two different conventions that can be used for the interface naming. Here's how I set up VLANs.

First of all, the base interface needs to be configured. Usually, it's already got at least a stub file, which needs to be modified to have the following elements:

DEVICE=eth0 # use real interface name here
BOOTPROTO=static
HWADDR=AA:17:31:9C:8D:BC # use real MAC address here
ONBOOT=no
TYPE=Ethernet
IPADDR=0.0.0.0
NETMASK=255.255.255.0

In this example, I am configuring the device «eth0» (the file «/etc/sysconfig/network-scripts/ifcfg-eth0»), with the MAC address of «AA:17:31:9C:8D:BC». You will need to plug in your system's values for these two lines, and the rest should be left the same.

For «vlanX» Interfaces

If you want your interfaces named «vlanX», use this section. The next section describes how to set it up for interfaces named «eth0.X». The benefit of vlanX naming is that if you only have one VLAN name-space, you don't have to care about which interface has the VLAN tagging enabled on it. If you move the physical interface, the VLAN interface names stay the same, so you don't have to modify firewall rules, etc.

To set up the VLAN with ID 5, on eth0, you would create a file named «/etc/sysconfig/network-scripts/ifcfg-vlan5» with the following in it:

VLAN=yes
VLAN_NAME_TYPE=VLAN_PLUS_VID_NO_PAD
DEVICE=vlan5
PHYSDEV=eth0
BOOTPROTO=static
ONBOOT=yes
TYPE=Ethernet
IPADDR=10.254.5.254
NETMASK=255.255.255.0

The «PHYSDEV» line is needed to tell the «ifup» script what device to attach the VLAN to. Once you've done this, «ifup vlan5» should bring up your vlan5 interface with the IP information specified above. «ONBOOT» says the interface should be brought up at boot.

The «VLAN_NAME_TYPE» line specifies that devices should be named «vlan5». This only has to appear in the first vlan interface file, but it's probably best to have in all of them, in case the first one is removed. Note that only the first one is used, so you can't have different naming between VLANs via the Red Hat network scripts. To do that, you'd have to manually configure the different interfaces.

For «eth0.X» Interfaces

The other method for naming is «eth0.X» which has the benefit that you don't have to specify the interface name in the ifcfg script. Also, since VLAN interfaces are named based on the physical interface, you can have different VLAN name-spaces. In other words, eth0.5 may be a different network than eth1.5. However, VLAN IDs have a name-space of up to 4096, so unless you're dealing with multiple networks outside of your control, you can (and should) probably use a non-overlapping VLAN name-space.

The draw-back is that /etc/sysctl.conf interprets the «.» in the name as meaning a «/» in the /proc hierarchy, which breaks things like «net.ipv4.conf.eth0.5.forwarding = 1».

To configure «eth0.5», write a «/etc/sysconfig/network-scripts/ifcfg-eth0.5» file with:

VLAN=yes
DEVICE=eth0.5
BOOTPROTO=static
ONBOOT=yes
TYPE=Ethernet
IPADDR=10.254.5.254
NETMASK=255.255.255.0

This is the same as for «vlan5» above, but the «PHYSDEV» and «VLAN_NAME_TYPE» lines may be omitted.
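
The two naming conventions side by side, plus the «.» to «/» translation that breaks the sysctl key, as an added example that is not part of the original post. The function names and argument order are hypothetical, and the 1-4094 VLAN ID check is an addition based on 802.1Q reserving 0 and 4095.

```shell
#!/bin/sh
# Added example; function names and argument order are hypothetical.
# The ifcfg keys and values are the ones used in the article.

# vlan_device STYLE PHYSDEV VID -> interface name ("vlan5" or "eth0.5")
vlan_device() {
    case $3 in
        # empty, leading zero (also rejects 0), non-digit, or 5+ digits
        ''|0*|*[!0-9]*|?????*) echo "bad VLAN ID: $3" >&2; return 1 ;;
    esac
    # Assumption: 4095 is reserved by 802.1Q, so usable IDs are 1-4094.
    [ "$3" -le 4094 ] || { echo "bad VLAN ID: $3" >&2; return 1; }
    case $1 in
        vlan) echo "vlan$3" ;;
        dot)  echo "$2.$3" ;;
        *)    echo "unknown style: $1" >&2; return 1 ;;
    esac
}

# vlan_ifcfg STYLE PHYSDEV VID IPADDR NETMASK -> file contents on stdout
vlan_ifcfg() {
    dev=$(vlan_device "$1" "$2" "$3") || return 1
    echo "VLAN=yes"
    if [ "$1" = vlan ]; then
        # vlanX names carry no parent device, so both lines are written.
        echo "VLAN_NAME_TYPE=VLAN_PLUS_VID_NO_PAD"
        echo "DEVICE=$dev"
        echo "PHYSDEV=$2"
    else
        echo "DEVICE=$dev"
    fi
    printf '%s\n' "BOOTPROTO=static" "ONBOOT=yes" "TYPE=Ethernet" \
        "IPADDR=$4" "NETMASK=$5"
}

# sysctl_dotted_path KEY -> path after turning every "." into "/",
# the translation that breaks keys containing a name like eth0.5.
sysctl_dotted_path() {
    echo "/proc/sys/$(echo "$1" | tr . /)"
}

# iface_proc_path IFACE SETTING -> per-interface /proc file for SETTING,
# built without splitting the interface name on its dot.
iface_proc_path() {
    echo "/proc/sys/net/ipv4/conf/$1/$2"
}
```

For example, «vlan_ifcfg dot eth0 5 10.254.5.254 255.255.255.0» prints the contents of the «ifcfg-eth0.5» file shown above.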
