VLAN

From ArchWiki
Revision as of 15:48, 20 February 2012 by Squeeb (Talk | contribs) (UDEV considerations)

Jump to: navigation, search

Tango-document-new.pngThis article is a stub.Tango-document-new.png

Notes: please use the first argument of the template to provide more detailed indications. (Discuss in Talk:VLAN#)

This template has only maintenance purposes. For linking to local translations please use interlanguage links, see Help:i18n#Interlanguage links.


Local languages: Català – Dansk – English – Español – Esperanto – Hrvatski – Indonesia – Italiano – Lietuviškai – Magyar – Nederlands – Norsk Bokmål – Polski – Português – Slovenský – Česky – Ελληνικά – Български – Русский – Српски – Українська – עברית – العربية – ไทย – 日本語 – 正體中文 – 简体中文 – 한국어


External languages (all articles in these languages should be moved to the external wiki): Deutsch – Français – Română – Suomi – Svenska – Tiếng Việt – Türkçe – فارسی

Summary help replacing me
VLAN
Related
Network
Netcfg

Introduction

Virtual LANs give you the ability to sub-divide a LAN. Linux can accept VLAN tagged traffic and presents each VID as a different network interface (eg: eth0.100 for VID 100)

Getting Started

Previously Arch Linux used vconfig to setup VLANs. This had been superseded by the ip command. Make sure you have iproute2 installed

# pacman -Ss iproute2

Alternatively you can install vconfig from AUR

Configuring VLANs

Adding a VLAN

To add a VLAN use a command with this needlessly long syntax:

ip link add link INTERFACE name INTERFACE.VID type vlan id VID

Example:

ip link add link eth0 name eth0.100 type vlan id 100

Run ifconfig -a to confirm that it has been created (Non deprected alternative is to run ip link).
This interface behaves like a normal interface. All traffic routed to it will go through the master interface (in this example, eth0) but with a VLAN tag. Only VLAN aware devices can accept them if configured correctly else the traffic is dropped.
Using a name like eth0.100 is just convention and not enforced. You can alternatively use eth0_100 or something descriptive like IPTV

Configuring the VLAN

To add an IPv4 address the the just created vlan link, and activate the link you can do:

ip addr add IP/NETMASK brd BROADCAST-ADDR dev INTERFACE.VID
ip link set dev INTERFACE.VID up

Example:

ip addr add 192.168.100.1/24 brd 192.168.100.255 dev eth0.100
ip link set dev eth0.100 up

De-Configuring the VLAN

To cleanly shutdown the setting before you remove the link, you can do:

ip link set dev INTERFACE.VID down

Example:

ip link set dev eth0.100 down

Removing a VLAN

Removing a VLAN interface is significantly less convoluted

ip link delete INTERFACE.VID

Example:

ip link delete eth0.100

UDEV considerations

An annoyance is that udev may try to rename virtual devices as they are added, thus ignoring the INTERFACE.VID configured for them either via iproute2 or via a netcfg profile
For instance, if the following commands are issued:

ip link add link eth0 name eth0.100 type vlan id 100
ip link show 

This would generate the following output:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether aa:bb:cc:dd:ee:ff brd ff:ff:ff:ff:ff:ff
3: rename1@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state DOWN 
   link/ether aa:bb:cc:dd:ee:ff brd ff:ff:ff:ff:ff:ff

udev has ignored the configured virtual interface name of INTERFACE.VID and autonamed it rename1. Hmmph!

The solution is to edit /etc/udev/rules.d/network_persistent.rules and append DRIVERS=="?*" to the end of the physical interface's configuration line.
For example, for the interface aa:bb:cc:dd:ee:ff (eth0):

SUBSYSTEM=="net", ATTR{address}=="aa:bb:cc:dd:ee:ff", NAME="eth0", DRIVERS=="?*"

A reboot should mean that VLANs configure correctly with the names assigned to them.

VLANs at boot

You can use netcfg profile and put POST_UP, PRE_DOWN command to do above action. (Similar thing as done here: [1]) I did it for my eht0, that have is both multi-home (DHCP to the modem, and local subnet 192.168.12.0), and VLAN 112 as well. Here is an extract of a sample /etc/rc.d/my-network file:

CONNECTION='ethernet'
DESCRIPTION='modem cable connection'
INTERFACE='eth0'
IP='dhcp'
POST_UP='ip addr add 192.168.12.1/24 brd 192.168.12.255 dev eth0; ip link add link eth0 name eth0.112 type vlan id 112; ip addr add 192.168.112.1/24 brd 192.168.112.255 dev eth0.112; ip link set dev eth0.112 up'
PRE_DOWN='ip link set dev eth0.112 down; ip link delete eth0.112; ip addr del 192.168.12.1/24 dev eth0'

Question: Any \ like syntax available at eol to have POST_UP split on multi-line ?
Seems it should be possible to put such control directly for netcfg into /etc/rc.conf (instead of inside the POST_UP in the netcfg profile file). Extra info on how to do that still missing ... (not clear)
possible issue is to get error in one of commands put inside POST_UP/PRE_DOWN. This can prevent to manual stop/start control of the network link

Manual start/stop

To control by hand the link after boot using the netcfg profile you put in place, you can try following commands:

/etc/rc.d/net-profiles restart
/etc/rc.d/net-profiles stop
/etc/rc.d/net-profiles start