Re: [opensuse-virtual] How to setup a bridged vlan under OS 11.1?

newer
Re: [opensuse-virtual] OS 11.1 xen...

older
[opensuse-virtual] How to setup a...

James Oakley

5 Jan 2009 5 Jan '09

14:35

On Friday 02 January 2009 21:59:23 PGNet wrote:

...

Given OpenSuse 11.1's "new", recommended-yet-undocumented approach to Xen network setup ... namely, NOT using the xen-included network scripts to tear-down & reassign interfaces/bridges, but rather using the /etc/sysconfig/network/ifcfg-br* scripts at system boot ... where's the right place to assign that a dummy-network VLAN? Has the recommended approach changed as well?

To create a vlan, you need to create an ifcfg-vlan<num> file under /etc/sysconfig/network. For example, assuming we want vlan4 attached to the eth0 device: /etc/sysconfig/network/ifcfg-vlan4: ETHERDEVICE='eth0' BOOTPROTO='static' IPADDR='10.1.1.1/24' NAME="VLAN 4" STARTMODE='auto' Then edit ifcfg-br0 and change eth0 to vlan4, or if you wanted to create a new bridge, copy ifcfg-br0 to, for example, ifcfg-br1. Also, you can name your bridge interfaces to anything you want, but vlan devices always have to be named vlan<num>. On Xen systems, I usually give the bridges descriptive names, which helps when selecting which bridge to use when deploying a domU. Hope that helps, -- James Oakley jfunk@opensuse.org -- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

Show replies by date

PGNet

5 Jan 5 Jan

15:13

New subject: [opensuse-virtual] How to setup a bridged vlan under OS 11.1?

On Mon, Jan 5, 2009 at 6:35 AM, James Oakley wrote:

...

To create a vlan, you need to create an ifcfg-vlan<num> file under ...

Seems straightforward, but, per your config, after reboot, ifconfig shows no trace of a vlan (it's supposed to, right?). missing kernel mod maybe? one of these? lsmod | grep -i vlan locate -i vlan |grep -i ko /lib/modules/2.6.25.18-0.2-default/kernel/drivers/net/macvlan.ko /lib/modules/2.6.25.18-0.2-default/kernel/net/bridge/netfilter/ebt_vlan.ko /lib/modules/2.6.25.18-0.2-xen/kernel/drivers/net/macvlan.ko /lib/modules/2.6.25.18-0.2-xen/kernel/net/bridge/netfilter/ebt_vlan.ko or yet something else?

...

Also, you can name your bridge interfaces to anything you want, but vlan devices always have to be named vlan<num>. On Xen systems, I usually give the bridges descriptive names, which helps when selecting which bridge to use when deploying a domU.

That's what I do with as well with bridges. I was not aware of the naming restriction for vlans -- just had used the numbering convention by happenstance. Thanks. -- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

James Oakley

15:56

New subject: [opensuse-virtual] How to setup a bridged vlan under OS 11.1?

On Monday 05 January 2009 11:13:05 PGNet wrote:

...

On Mon, Jan 5, 2009 at 6:35 AM, James Oakley wrote:

...
To create a vlan, you need to create an ifcfg-vlan<num> file under

...

Seems straightforward, but, per your config, after reboot, ifconfig shows no trace of a vlan (it's supposed to, right?).

What happens if you run 'ifup vlan<num>'? Do you have the vlan package installed? -- James Oakley jfunk@opensuse.org -- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

PGNet

16:29

New subject: [opensuse-virtual] How to setup a bridged vlan under OS 11.1?

Hi James,

...

What happens if you run 'ifup vlan<num>'?

cat ifcfg-vlan2 ETHERDEVICE='eth2' BOOTPROTO='static' IPADDR='192.168.1.0/24' NAME="VLAN 2" STARTMODE='auto' cat ifcfg-brTEST BRIDGE='yes' BRIDGE_PORTS='vlan2' BRIDGE_FORWARDDELAY='0' BRIDGE_STP='off' BOOTPROTO='none' STARTMODE='auto' NAME='Intel 82541PI' LLADDR='00:0E:0C:D4:C2:F1' ifup vlan2 vlan2 interface eth2 is not available Cannot find device "vlan2" Cannot enable interface vlan2. interface vlan2 is not up Checking for network time protocol daemon (NTPD): unused ifconfig eth2 eth2: error fetching interface information: Device not found ifconfig brTEST brTEST Link encap:Ethernet HWaddr 00:0E:0C:D4:C2:F1 inet addr:192.168.1.0 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Hm. I've something screwed up ... also, NTPD !?

...

Do you have the vlan package installed?

Yes ... rpm -qa | grep vlan vlan-1.9-90.1 I clearly need to read-up some more. Also, monkeying around with 'this', I need to (re)think about my context here ... My current goal is to run a NAS server in one DomU, and serve NFS from it to other DomUs (& the Dom0) over a dedicated/isolated VLAN. As I muddle through this setup, I'm not at all certain that Bridge/VLAN in Dom0 is the right approach here. :-/ Thoughts? Thanks. -- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

James Oakley

17:58

New subject: [opensuse-virtual] How to setup a bridged vlan under OS 11.1?

On Monday 05 January 2009 12:29:00 PGNet wrote:

...

Hi James,

...
What happens if you run 'ifup vlan<num>'?

...

ifup vlan2 vlan2 interface eth2 is not available Cannot find device "vlan2" Cannot enable interface vlan2. interface vlan2 is not up

Looks like eth2 is missing.

...

ifconfig eth2 eth2: error fetching interface information: Device not found

Yes it sounds like the driver has not been loaded, what kind of card is this?

...

Also, monkeying around with 'this', I need to (re)think about my context here ...

My current goal is to run a NAS server in one DomU, and serve NFS from it to other DomUs (& the Dom0) over a dedicated/isolated VLAN.

As I muddle through this setup, I'm not at all certain that Bridge/VLAN in Dom0 is the right approach here. :-/ Thoughts?

So, if I'm reading this right, you're not connecting the VLAN trunk to a switch? If you only want to allow domU's to talk to each other, and maybe the host, you don't want VLANs at all. You just need a private bridge with no initial ports. Just remove vlan2 from your BRIDGE_PORTS setting on your existing bridge. If you want, you could even set an IP address on the bridge so that dom0 would also have access to the network. I sometimes even run a DHCP server on the bridge to simplify the configuration of any domUs on it. So, for ifcfg-brTEST: IPADDR='10.1.1.1/24' BRIDGE='yes' BRIDGE_PORTS='' BRIDGE_FORWARDDELAY='0' BRIDGE_STP='off' BOOTPROTO='static' STARTMODE='auto' -- James Oakley jfunk@opensuse.org -- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

PGNet

18:09

New subject: [opensuse-virtual] How to setup a bridged vlan under OS 11.1?

Hi James, On Mon, Jan 5, 2009 at 9:58 AM, James Oakley wrote:

...

Looks like eth2 is missing.

Hrm ...

...

...
ifconfig eth2 eth2: error fetching interface information: Device not found

Yes it sounds like the driver has not been loaded, what kind of card is this?

It's an "Intel Corporation 82541PI Gigabit Ethernet Controller" using the e1000 driver, modinfo e1000 | grep ^version version: 8.0.6-NAPI lsmod | grep e1000 e1000 191684 0 grep eth2 /etc/modprobe.conf.local alias eth2 e1000

...

...
As I muddle through this setup, I'm not at all certain that Bridge/VLAN in Dom0 is the right approach here. :-/ Thoughts?

So, if I'm reading this right, you're not connecting the VLAN trunk to a switch?

That's correct ... not on this setup. Just trying to isolate NAS traffic between domUs

...

If you only want to allow domU's to talk to each other, and maybe the host, you don't want VLANs at all. You just need a private bridge with no initial ports. Just remove vlan2 from your BRIDGE_PORTS setting on your existing bridge.

An "aha!" moment! Thanks.

...

If you want, you could even set an IP address on the bridge so that dom0 would also have access to the network. I sometimes even run a DHCP server on the bridge to simplify the configuration of any domUs on it.

So, for ifcfg-brTEST:

IPADDR='10.1.1.1/24' BRIDGE='yes' BRIDGE_PORTS='' BRIDGE_FORWARDDELAY='0' BRIDGE_STP='off' BOOTPROTO='static' STARTMODE='auto'

Iiuc, then, in this config *NO* BRIDGE_PORT assigned? Clearly not to a real ethX interface, but not even a dummy-net intfc required? Thanks again! -- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

James Oakley

19:53

New subject: [opensuse-virtual] How to setup a bridged vlan under OS 11.1?

On Monday 05 January 2009 14:09:59 PGNet wrote:

...

...
Yes it sounds like the driver has not been loaded, what kind of card is this?

It's an "Intel Corporation 82541PI Gigabit Ethernet Controller"

using the e1000 driver,

modinfo e1000 | grep ^version version: 8.0.6-NAPI

lsmod | grep e1000 e1000 191684 0

Try these commands: ip addr dmesg | grep eth

...

grep eth2 /etc/modprobe.conf.local alias eth2 e1000

This method of device naming has been deprecated for some time. /etc/udev/rules.d/70-persistent-net.rules is the correct file.

...

...
So, for ifcfg-brTEST:

IPADDR='10.1.1.1/24' BRIDGE='yes' BRIDGE_PORTS='' BRIDGE_FORWARDDELAY='0' BRIDGE_STP='off' BOOTPROTO='static' STARTMODE='auto'

Iiuc, then, in this config *NO* BRIDGE_PORT assigned? Clearly not to a real ethX interface, but not even a dummy-net intfc required?

The bridge is itself a virtual Ethernet interface. No dummies required. -- James Oakley jfunk@opensuse.org -- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

PGNet

20:07

New subject: [opensuse-virtual] How to setup a bridged vlan under OS 11.1?

Hi James, On Mon, Jan 5, 2009 at 11:53 AM, James Oakley wrote:

...

dmesg | grep eth

Nothing re: eth2. Bears further investigation ... later. For now, ripping out the vlan stuff anyway, and following your advice.

...

...
grep eth2 /etc/modprobe.conf.local alias eth2 e1000

This method of device naming has been deprecated for some time. /etc/udev/rules.d/70-persistent-net.rules is the correct file.

I'd had that as well already, ... # PCI device 0x8086:0x107c (e1000) SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0E:0C:D4:C2:F1", ATTR{type}=="1", KERNEL=="eth*", NAME="eth2" ... I keep bumping into "that's been deprecated for quite awhile" comments ... clearly, I'm not reading the "right stuff" :-/ Where, e.g., is that fact documented?

...

The bridge is itself a virtual Ethernet interface.

Knew that. Did not realize that that was sufficient. Thanks.

...

No dummies required.

Hehe. Subtle, funny guy. Point taken ... ;-) p.s. I also note your use in the Bridge config of, e.g., IPADDR='192.168.1.0/24' rather than, e.g., IPADDR='192.168.1.0' NETWORK='192.160.1.0' PREFIX='24' which I've seen elsewhere. Is the difference just style, or actual substance? Thanks much. -- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

James Oakley

21:10

New subject: [opensuse-virtual] How to setup a bridged vlan under OS 11.1?

On Monday 05 January 2009 16:07:06 PGNet wrote:

...

I keep bumping into "that's been deprecated for quite awhile" comments ... clearly, I'm not reading the "right stuff" :-/ Where, e.g., is that fact documented?

IIRC, I initially grepped in /etc to find out where it was being set, and then started reading up on udev. The change actually occurred with the Linux 2.6 release. Release notes should point these things out, but the Linux world moves quickly and it's hard to keep track, especially for the more low-level things.

...

p.s. I also note your use in the Bridge config of, e.g.,

IPADDR='192.168.1.0/24'

rather than, e.g.,

IPADDR='192.168.1.0' NETWORK='192.160.1.0' PREFIX='24'

which I've seen elsewhere. Is the difference just style, or actual substance?

Most people who aren't hard-core networking types use separate IP/netmask/network addresses since that's how it's normally expressed in traditional networking configuration interfaces. Unfortunately, it's somewhat error-prone (was that 255.255.255.248 or 255.255.255.252?) and takes too long to say aloud or type out on command line interfaces in routers or Linux shells. The IP/prefix notation is CIDR format, which you will often find used in routers with command-line interfaces and within the Linux iproute2 interface (ip, tc, etc). In SUSE, even if you specify a separate IP/Netmask, it will be converted to this format during device configuration, so ifup actually calls, eg: ip addr add 10.1.1.1/24 dev eth0 Hope that clears it up :-) -- James Oakley jfunk@opensuse.org -- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

PGNet

21:28

New subject: [opensuse-virtual] How to setup a bridged vlan under OS 11.1?

On Mon, Jan 5, 2009 at 1:10 PM, James Oakley wrote:

...

IIRC, I initially grepped in /etc to find out where it was being set, and ...

I've been depending too much on official docs, wiki, lists & forums, it seems. Fair enough -- and thanks for the pointer.

...

it will be converted to this format during device configuration, so ifup actually calls, eg:

ip addr add 10.1.1.1/24 dev eth0

So CIDR is 'ok'. Great. I prefer the shorthand anyhow ...

...

Hope that clears it up :-)

Yup. Thanks.

...

-- James Oakley jfunk@opensuse.org -- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

-- To unsubscribe, e-mail: opensuse-virtual+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-virtual+help@opensuse.org

5594

Age (days ago)

5594

Last active (days ago)

List overview

Download

9 comments

2 participants

participants (2)

James Oakley
PGNet