Bridge over VLAN Tagging over over Bonding: the perfect network setup

Introduction

In this article, I’ll explain how to put together three different methods to simplify deployment and configuration of you virtual machines: VLAN Tagging, Bridge and Bonding. But if never heard of any of them, we’ll setup them up separately, so it becomes very ease to put the three together.

Every examples in this article is for servers witch CentOS 5.5 and Switch Cisco, but they could use for other systems as well.

VLAN Tagging
The Why

Before virtualization, you had several physical servers separated in several different VLAN’s in your company. But when you had to migrate all your servers to virtual machines in a single physical machine, how could you concentrate different VLAN’s in a single network interface? VLAN Tagging is the answer.

Before you can configure VLAN Tagging in your server, you have to make sure that the switch your physical machine is connected to supports VLAN Trunk. I’m no expert in switches, but I’m pretty sure that if your switch support VLAN, it will support VLAN Trunk.

When you set the switch port which you physical server is connect to VLAN Trunk mode, the switch will look in the packet header for the VLAN Tag, to find out which VLAN that packet is destined to. That basicly means that is up to the server on the other end
to select which VLAN the packets must go to.

That’s the perfect solution for our problem. With this technique, you can have a single physical virtualization server, with several virtual machines in different VLAN’s.

The How

First step is setting you switch port to VLAN Trunk mode. This is an example of how setting this in a Switch Cisco 3750:

# conf t
(config)# int <server-port>
(config-if)# description Any description you'd like here
(config-if)# switchport trunk encapsulation dot1q
(config-if)# switchport mode trunk
(config-if)# exit
(config)# exit
# copy run st

Those lines are only to setup trunk mode in your switch port, there probably would be more configuration for spanning-tree or dhcp, but I won’t list them here.

Now you have to setup VLAN Tagging in you server’s network adapter. In CentOS or Red Hat, edit you network interface’s configuration file to something like this (assuming the interface is eth0):

(file: /etc/sysconfig/network-scripts/ifcfg-eth0)
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
NM_CONTROLLED=no
USERCTL=no
TYPE=Ethernet
IPV6INIT=no
PEERDNS=yes

There’s no Static IP Adress or DHCP configuration on eth0, because the actual network address will be configured on the VLAN Tagged network interfaces. If you have a VLAN configured in your switch with ID 2 and that VLAN has the network 192.168.0.0 and netmask 255.255.255.0, you could configure a VLAN Tagged network interface like this:

(file: /etc/sysconfig/network-scripts/ifcfg-eth0.2)
DEVICE=eth0.2
BOOTPROTO=static
ONBOOT=yes
VLAN=yes
IPADDR=192.168.0.10
NETMASK=255.255.255.0
NETWORK=192.168.0.0
GATEWAY=192.168.0.1
NM_CONTROLLED=no
USERCTL=no
TYPE=Ethernet
IPV6INIT=no
PEERDNS=yes

Notice that the name if the interface (eth0.2) indicates to which VLAN the packets going out trough this interfaced will be tagged to (in this case, the VLAN witch ID 2).

After that, you can create as much of eth0.X interfaces as you needs, with X beeing the VLAN ID. Just one last note: the “GATEWAY” option must appear on only one of these interfaces, which will define the VLAN that physical device will connect with the Internet.

Advertisements

Tags: , , , ,

6 responses to “Bridge over VLAN Tagging over over Bonding: the perfect network setup”

  1. trucof says :

    Where is the bonding part ?

  2. naprawa laptopów poznań says :

    Thank you, I’ve recently been hunting for details about this subject for ages and yours is the best I have discovered so far.

  3. dui attorney in Albuquerque says :

    I’m not that much of a online reader to be honest but your sites really nice, keep it up! I’ll go ahead and bookmark your site to come back down the road. Many thanks

  4. Shelton Pesola says :

    learnt some interesting points from this post thanks a lot

  5. Unix Pastures says :

    Very well written article, but I would suggest you rename the title to reflect that there is no writeup on the bridging or bonding aspects. Then if you ever get around to adding those parts, add them to the title. Thanks

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: