Bridge over VLAN Tagging over Bonding: the perfect network setup
In this article, I’ll explain how to put together three different methods to simplify deployment and configuration of your virtual machines: VLAN Tagging, Bridge and Bonding. But if you have never heard of any of them, we’ll set them up separately, so it becomes very easy to put the three together.
Every example in this article is for servers with CentOS 5.5 and a Cisco switch, but they could be used for other systems as well.
Before virtualization, you had several physical servers separated in several different VLANs in your company. But when you had to migrate all your servers to virtual machines in a single physical machine, how could you concentrate different VLANs in a single network interface? VLAN Tagging is the answer.
Before you can configure VLAN Tagging in your server, you have to make sure that the switch your physical machine is connected to supports VLAN Trunk. I’m no expert in switches, but I’m pretty sure that if your switch supports VLAN, it will support VLAN Trunk.
When you set the switch port your physical server is connected to into VLAN Trunk mode, the switch will look in the packet header for the VLAN Tag, to find out which VLAN that packet is destined for. That basically means that it is up to the server on the other end to select which VLAN the packets must go to.
That’s the perfect solution for our problem. With this technique, you can have a single physical virtualization server, with several virtual machines in different VLANs.
The first step is setting your switch port to VLAN Trunk mode. This is an example of how to set this on a Cisco 3750 switch:
    # conf t
    (config)# int <server-port>
    (config-if)# description Any description you'd like here
    (config-if)# switchport trunk encapsulation dot1q
    (config-if)# switchport mode trunk
    (config-if)# exit
    (config)# exit
    # copy run st
Those lines only set up trunk mode on your switch port; there would probably be more configuration for spanning-tree or DHCP, but I won’t list them here.
Now you have to set up VLAN Tagging in your server’s network adapter. In CentOS or Red Hat, edit your network interface’s configuration file to something like this (assuming the interface is eth0):
(file: /etc/sysconfig/network-scripts/ifcfg-eth0)

    DEVICE=eth0
    BOOTPROTO=none
    ONBOOT=yes
    NM_CONTROLLED=no
    USERCTL=no
    TYPE=Ethernet
    IPV6INIT=no
    PEERDNS=yes
There’s no static IP address or DHCP configuration on eth0, because the actual network address will be configured on the VLAN Tagged network interfaces. If you have a VLAN configured in your switch with ID 2 and that VLAN has the network 192.168.0.0 and netmask 255.255.255.0, you could configure a VLAN Tagged network interface like this:
(file: /etc/sysconfig/network-scripts/ifcfg-eth0.2)

    DEVICE=eth0.2
    BOOTPROTO=static
    ONBOOT=yes
    VLAN=yes
    IPADDR=192.168.0.10
    NETMASK=255.255.255.0
    NETWORK=192.168.0.0
    GATEWAY=192.168.0.1
    NM_CONTROLLED=no
    USERCTL=no
    TYPE=Ethernet
    IPV6INIT=no
    PEERDNS=yes
Notice that the name of the interface (eth0.2) indicates which VLAN the packets going out through this interface will be tagged for (in this case, the VLAN with ID 2).
After that, you can create as many eth0.X interfaces as you need, with X being the VLAN ID. Just one last note: the “GATEWAY” option must appear on only one of these interfaces, which will define the VLAN that the physical device will use to connect to the Internet.
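Once several eth0.X files exist, the rules above (no address on the parent interface, VLAN=yes on each tagged file, the VLAN ID in the device name, GATEWAY on only one interface) can be checked before the network is restarted. The shell script below is an added example, not part of the original article; the function names, the messages, the DEVICE-versus-file-name check and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint ifcfg-<parent> and ifcfg-<parent>.<id> files (RHEL/CentOS style).

# Value of KEY in an ifcfg file; the last assignment wins, quotes stripped.
ifcfg_get() { sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d "\"'"; }

# check_vlan_ifcfg DIR PARENT: print one line per problem, return 1 if any.
check_vlan_ifcfg() {
    dir=$1; parent=$2; bad=0; gw=0
    base="$dir/ifcfg-$parent"
    if [ ! -f "$base" ]; then
        echo "$parent: parent config missing"; bad=1
    elif [ -n "$(ifcfg_get "$base" IPADDR)" ]; then
        echo "$parent: has IPADDR, addresses belong on the tagged interfaces"; bad=1
    fi
    for f in "$dir/ifcfg-$parent".*; do
        [ -f "$f" ] || continue                 # glob matched nothing
        dev=${f##*/ifcfg-}; id=${dev##*.}
        case $id in
            ''|*[!0-9]*) echo "$dev: VLAN ID is not numeric"; bad=1; continue ;;
        esac
        # 802.1Q carries a 12-bit VLAN ID; 0 and 4095 are reserved
        if [ "$id" -lt 1 ] || [ "$id" -gt 4094 ]; then
            echo "$dev: VLAN ID outside 1-4094"; bad=1
        fi
        [ "$(ifcfg_get "$f" DEVICE)" = "$dev" ] || { echo "$dev: DEVICE does not match file name"; bad=1; }
        [ "$(ifcfg_get "$f" VLAN)" = yes ] || { echo "$dev: VLAN=yes missing"; bad=1; }
        [ -z "$(ifcfg_get "$f" GATEWAY)" ] || gw=$((gw + 1))
    done
    if [ "$gw" -gt 1 ]; then
        echo "$parent: GATEWAY set on $gw tagged interfaces, expected one"; bad=1
    fi
    return "$bad"
}

# Constructed sample: eth0 plus two tagged interfaces that both set GATEWAY.
make_sample() {
    printf 'DEVICE=eth0\nBOOTPROTO=none\nONBOOT=yes\n' > "$1/ifcfg-eth0"
    printf 'DEVICE=eth0.2\nVLAN=yes\nIPADDR=192.168.0.10\nGATEWAY=192.168.0.1\n' > "$1/ifcfg-eth0.2"
    printf 'DEVICE=eth0.3\nVLAN=yes\nIPADDR=192.168.1.10\nGATEWAY=192.168.1.1\n' > "$1/ifcfg-eth0.3"
}

tmp=$(mktemp -d)
make_sample "$tmp"
check_vlan_ifcfg "$tmp" eth0 || echo "fix the problems above before restarting the network"
rm -rf "$tmp"
```

On a real server the directory argument would be /etc/sysconfig/network-scripts; files such as backup copies that match the ifcfg-eth0.* pattern are reported as having a non-numeric VLAN ID.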