[TriLUG] tagging vlans with Red Hat /CentOS

Chris Bullock cgbullock at yahoo.com
Thu Feb 8 11:11:45 EST 2007


I have vlans on my switch and they function correctly:

--- jonc <jonc at nc.rr.com> wrote:

> I think the key sentence to point out in the KB article is the first
> one:
>    When connected to a properly configured network device,
>    your Red Hat Enterprise Linux 3 system can communicate
>    over a network using 802.1q Virtual Local Area Network
>   (VLAN) tagged frames.
> 
> Is your switch setup for VLANs and what is the setup on the switch?
HPProcurve4108# show vlans

 Status and Counters - VLAN Information

  Maximum VLANs to support : 8
  Primary VLAN : Business
  Management VLAN :

  802.1Q VLAN ID Name          Status
  -------------- ------------- -------------
  1              Business      Static
  2              Imaging       Static
  3              IPOffice      Static
  4              Servers       Static
  8              General       Static
  254            UHS           Static
> 
> Typically, we setup a VLAN in a scenario where you would like certain
> traffic to travel over its own (physically) separate network. Say you
> are running VoIP on your local network. Ideally you want the Voice
> traffic to run without interference from the data traffic. You don't
> want the Voice packets to queue up behind large data packets. That would
> slow them down and they would arrive too late to be used. So to isolate
> your VoIP traffic from your normal data traffic, you run the VoIP
> traffic on a different network - one that is not congested by data. 
We are running qos on vlan 3 as you referenced.
> 
> It would be very expensive and somewhat confusing to have two sets of
> network wires running to every desk. Plus there would be the added
> expense of having two sets of switches and routers. Add to that the fact
> that modern switches have way more capacity than most folks normally
> use... if only there were a way to setup your single switch to use its
> excess capacity to act like it were more than one switch... then you
> could hook up multiple devices off the single switch, but the devices
> would all think they were on separate networks: VLANs.
> 
> On a typical switch you setup each VLAN like you are setting up a unique
> physically separate network. Each VLAN has its own network IP address
> and subnet mask. For a Cisco switch creating a VLAN is as easy as:
>   vlan database
>     vlan 10
>   exit
> 
> You can give the VLAN its own network address (but you don't have to):
>   interface Vlan10
>   ip address 192.168.10.2 255.255.255.0
HPProcurve4108# show ip

 Internet (IP) Service

  IP Routing : Enabled


  Default TTL     : 64

  VLAN         | IP Config  IP Address      Subnet Mask     Proxy ARP
  ------------ + ---------- --------------- --------------- ---------
  Business     | Manual     192.168.10.2    255.255.255.0   No
  IPOffice     | Manual     172.24.64.1     255.255.255.0   No
  Servers      | Manual     172.24.4.1      255.255.252.0   No
  General      | Manual     172.24.8.1      255.255.240.0   No
  UHS          | Manual     172.24.254.1    255.255.255.0   No
> 
> Note: on some Cisco switches you must "shutdown" VLAN 1 (the default
> VLAN) before you can enable any other VLANs on the switch. This doesn't
> really shutdown the default VLAN - it still carries any general network
> traffic.
> 
> So now your switch has multiple (logical) networks setup inside it. How
> does it know which VLAN to use for what traffic?
> Typically one of the VLANs (Vlan 1 for Cisco) is the default. This is
> the VLAN used by any non-tagged traffic. 
> 
> If you want to move VoIP traffic across a different VLAN, then you have
> to setup a VLAN for Voice. Typically we use VLAN 10 for VoIP. You setup
> a VLAN 10 on the switch, and you program all the switch ports to look
> for VoIP packets (traffic using ports typical of Voice traffic or tagged
> as voice) and send them to VLAN 10. Now, if a VoIP packet passes into
> the switch through one of the programmed switch ports, it will
> automatically be placed on the internal VLAN 10 network - separate from
> the default VLAN 1 network.
> 
> Now here is the tricky part... The traffic flows fine over the switch
> (it probably would even without VLANs, heck it's a gigabit switch!) and
> now it exits to a router. If the router treats VLAN 1 (ordinary data)
> and VLAN 10 (voice data) as the same, then you have the same problem as
> before - the voice packets get stuck queuing up behind the data packets.
> But if your router gives VLAN 10 packets priority, while stuffing VLAN 1
> packets into a buffer and making those wait, then the VoIP packets get
> to where they need to be without a time-killing delay.
> 
> If your RedHat server is the router on a network doing Voice and Data,
> then you will want to setup a priority queuing-buffer that processes
> VLAN 10 packets; or in this case, packets that come in via interface
> eth0.10
My switch is the router.
> 
> Normal data traffic would be handled by interface: eth0.1
> 
> Remember that both interfaces are on separate networks. They will each
> need their own IP information. As an example:
> 
> === ifcfg-eth0.10 ===
>   DEVICE=eth0.10
>   BOOTPROTO=static
>   HWADDR=00:08:02:DF:89:4A
>   IPADDR=192.168.10.1
>   NETMASK=255.255.252.0
>   NETWORK=192.168.10.0
>   ONBOOT=yes
>   TYPE=Ethernet
>   VLAN=yes
> 
> === ifcfg-eth0.1 ===
>   DEVICE=eth0.1
>   BOOTPROTO=static
>   HWADDR=00:08:02:DF:89:4A
>   IPADDR=192.168.1.1
>   NETMASK=255.255.252.0
>   NETWORK=192.168.1.0
>   ONBOOT=yes
>   TYPE=Ethernet
>   VLAN=yes
> 
> Note: you *cannot* put a "GATEWAY=" statement in these files. There can
> only be one default route. The "GATEWAY=" can go in your
> /etc/sysconfig/network file.
> If you want to route the networks to different places, you will have to
> setup routing statements for each network......but that is a different
> post that I made a couple of months back.
> 
> Jon (get your Joyner on) Carnes
> 
> On Wed, 2007-02-07 at 17:24, Chris Bullock wrote:
> > I am starting to play with vmware and I need to tag the port that my
> > vmware box is connected to on the lan so that the vmware physical
> > interface is a member of all associated vlans, but I have not gotten it to
> > successfully work, so I want to narrow my search to 1 the switch, 2 the
> > os, 3 the nic of the server.
> > I followed this kb article on Red Hat's web site:
> > http://kbase.redhat.com/faq/FAQ_45_3681.shtm
> > 
> > When I tag the port on the switch, I lose all my networking to that host,
> > even after restarting the network.  Here is my eth0 config:
> > [cgb at apollo ~]$ sudo cat /etc/sysconfig/network-scripts/ifcfg-eth0*
> > DEVICE=eth0
> > ONBOOT=yes
> > 
> > DEVICE=eth0.4
> > BOOTPROTO=static
> > HWADDR=00:08:02:DF:89:4A
> > IPADDR=172.24.4.243
> > NETMASK=255.255.252.0
> > NETWORK=172.24.4.0
> > GATEWAY=172.24.4.1
> > ONBOOT=yes
> > TYPE=Ethernet
> > VLAN=yes
> > 
> > Here is the outcome of ifconfig:
> > [cgb at apollo ~]$ /sbin/ifconfig
> > eth0      Link encap:Ethernet  HWaddr 00:08:02:DF:89:4A
> >           inet addr:172.24.4.241  Bcast:172.24.7.255  Mask:255.255.252.0
> >           inet6 addr: fe80::208:2ff:fedf:894a/64 Scope:Link
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:7163372 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:8645697 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:1000
> >           RX bytes:819521529 (781.5 MiB)  TX bytes:3667339610 (3.4 GiB)
> > 
> > eth0.4    Link encap:Ethernet  HWaddr 00:08:02:DF:89:4A
> >           inet addr:172.24.4.243  Bcast:172.24.7.255  Mask:255.255.252.0
> >           inet6 addr: fe80::208:2ff:fedf:894a/64 Scope:Link
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:0
> >           RX bytes:0 (0.0 b)  TX bytes:674 (674.0 b)
> > 
> > 
> > My question here is where in the world is it pulling the IP address for
> > eth0?
> > 
> > Here is some of the dmesg with eth0 in it:
> > bridge-eth0: enabling the bridge
> > bridge-eth0: enabled promiscuous mode
> > bridge-eth0: up
> > e100: eth0: e100_watchdog: link up, 100Mbps, full-duplex
> > divert: allocating divert_blk for eth0.4
> > eth0.4: add 33:33:00:00:00:01 mcast address to master interface
> > eth0.4: add 33:33:ff:df:89:4a mcast address to master interface
> > eth0.4: add 01:00:5e:00:00:01 mcast address to master interface
> > eth0: no IPv6 routers present
> > eth0.4: no IPv6 routers present
> > [cgb at apollo ~]$ 
> > Any help would be appreciated.
> > Chris
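
An added example (not part of the original post or of the Red Hat KB article): a small Python linter for the ifcfg-style files discussed in this thread. It flags a GATEWAY= line in a VLAN file, a NETWORK= value that does not match IPADDR and NETMASK, and an interface whose subnet overlaps another one (the ifconfig output above shows eth0 and eth0.4 both in 172.24.4.0/22). The function names and the SAMPLE files are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample files; addresses are modelled on values seen in the thread.
SAMPLE = {
    "ifcfg-eth0": "DEVICE=eth0\nONBOOT=yes\nIPADDR=172.24.4.241\nNETMASK=255.255.252.0\n",
    "ifcfg-eth0.4": "DEVICE=eth0.4\nIPADDR=172.24.4.243\nNETMASK=255.255.252.0\n"
                    "NETWORK=172.24.4.0\nGATEWAY=172.24.4.1\nONBOOT=yes\nVLAN=yes\n",
    "ifcfg-eth0.10": "DEVICE=eth0.10\nIPADDR=192.168.10.1\nNETMASK=255.255.252.0\n"
                     "NETWORK=192.168.10.0\nONBOOT=yes\nVLAN=yes\n",
}

def parse_ifcfg(text):
    """Parse KEY=VALUE lines of an ifcfg file, ignoring blanks and comments."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            cfg[key.strip()] = value.strip().strip('"')
    return cfg

def lint(files):
    """files: {filename: text}. Returns a sorted list of (device, finding)."""
    findings, nets = [], {}
    for name, text in files.items():
        cfg = parse_ifcfg(text)
        dev = cfg.get("DEVICE", name)
        m = re.fullmatch(r"\w+\.(\d+)", dev)  # ethN.VID naming, e.g. eth0.4
        if m:
            if not 1 <= int(m.group(1)) <= 4094:
                findings.append((dev, "VLAN ID outside 1-4094"))
            if cfg.get("VLAN", "").lower() != "yes":
                findings.append((dev, "VLAN=yes missing"))
            if "GATEWAY" in cfg:
                findings.append((dev, "GATEWAY set in VLAN file"))
        if "IPADDR" in cfg and "NETMASK" in cfg:
            net = ipaddress.ip_interface(f"{cfg['IPADDR']}/{cfg['NETMASK']}").network
            if "NETWORK" in cfg and cfg["NETWORK"] != str(net.network_address):
                findings.append((dev, f"NETWORK should be {net.network_address}"))
            for other, other_net in nets.items():
                if net.overlaps(other_net):
                    findings.append((dev, f"subnet overlaps {other}"))
            nets[dev] = net
    return sorted(findings)

if __name__ == "__main__":
    for device, finding in lint(SAMPLE):
        print(f"{device}: {finding}")
```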