2012年10月31日 星期三

(15) VLAN tagging -- Redhat Linux

Setting up VLAN on Redhat Linux

請先確定RHEL/Fedora上已經安裝了vconfig套件,並且8021q模組已被啟用:

yum install vconfig
modprobe 8021q
假設eth0的網路是192.168.10.0/24,而switch上另外有兩個VLAN,分別是VLAN5(192.168.100.0/24)/VLAN10(192.168.200.0/24),希望同時能跟這兩個VLAN的網路溝通:
ifcfg-eth0ifcfg-eth0.5ifcfg-eth0.10
DEVICE=eth0
IPADDR=192.168.10.198
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
DEVICE=eth0.5
VLAN=yes
IPADDR=192.168.100.2
NETMASK=255.255.255.0
GATEWAY=192.168.100.254
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
DEVICE=eth0.10
VLAN=yes
IPADDR=192.168.200.2
NETMASK=255.255.255.0
GATEWAY=192.168.200.254
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no

延續之前的設定:我們已經把eth0/eth1結合成bond0,現在我們又要為bond0加上VLAN tag:bond0.5/bond0.10。

ifcfg-eth0ifcfg-eth1ifcfg-bond0ifcfg-bond0.5ifcfg-bond0.10
DEVICE=eth0
BOOTPROTO=none
NM_CONTROLLED=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
DEVICE=eth0
BOOTPROTO=none
NM_CONTROLLED=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
DEVICE=bond0
TYPE=bonding
BOOTPROTO=static
IPADDR=192.168.10.198
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
BONDING_OPTS="mode=6 miimon=100"
DEVICE=bond0.5
VLAN=yes
IPADDR=192.168.100.2
NETMASK=255.255.255.0
#GATEWAY=192.168.100.254
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
DEVICE=bond0.10
VLAN=yes
IPADDR=192.168.200.2
NETMASK=255.255.255.0
#GATEWAY=192.168.200.254
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
檢查看看VLAN的狀態:
cat /proc/net/vlan/config
VLAN Dev name  | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
bond0.5        | 5  | bond0
bond0.10       | 10 | bond0
cat /proc/net/vlan/vlan5
bond0.5  VID: 3  REORDER_HDR: 1  dev->priv_flags: 1
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted           53
       total bytes transmitted         6883
            total headroom inc            0
           total encap on xmit            0
Device: bond0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings: 
還沒傳輸什麼資料,所以都是0囉!

可以再更複雜一點:我們已經把eth0/eth1結合成bond0,又再分享了bond0成為br0;現在我們又要為br0加上VLAN tag:br0.5/br0.10。

ifcfg-eth0ifcfg-eth1ifcfg-bond0ifcfg-br0ifcfg-br0.5ifcfg-br0.10
DEVICE=eth0
BOOTPROTO=none
NM_CONTROLLED=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
DEVICE=eth0
BOOTPROTO=none
NM_CONTROLLED=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
DEVICE=bond0
TYPE=bonding
BOOTPROTO=none
#IPADDR=192.168.10.198
#NETMASK=255.255.255.0
#GATEWAY=192.168.10.1
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
BONDING_OPTS="mode=6 miimon=100"
BRIDGE=br0
DEVICE=br0
TYPE=Bridge
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.10.22
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
DEVICE=br0.5
VLAN=yes
IPADDR=192.168.100.2
NETMASK=255.255.255.0
GATEWAY=192.168.100.254
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
DEVICE=br0.10
VLAN=yes
IPADDR=192.168.200.2
NETMASK=255.255.255.0
GATEWAY=192.168.200.254
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no

當然如果switch有設定VLAN DHCP服務的話,這裡設定DHCP也行!別忘了重新啟動網路吧!

service network restart

參考文章:

Share

沒有留言: