Virtual Interfaces and VLANs in Fedora20

Setting up VLAN interfaces in Fedora20

VLAN is an acronym for Virtual Local Area Network. Several VLANs can co-exist on a single physical switch, which are configured via Linux software and not through hardware interface (you still need to configure actual hardware switch too).

Hardware Device Requirements
• To be able to use VLANs you will need a switch that support the IEEE 802.1q standard on an Ethernet network.
• You will also need a NIC (Network Interface Card) that works with Linux and support 802.1q standard.

Setting Up 802.1q VLAN Tagging

This is based on Fedora documentation, specifically F17-System Administrators Guide http://docs.fedoraproject.org/en-US/Fedora/17/html/System_Administrators_Guide/s2-networkscripts-interfaces_802.1q-vlan-tagging.html .
• First, ensure that the 8021q kernel module is loaded with the following command:
# lsmod | grep 8021q
# modprobe 8021q
is the command to load it if no output results from the grep command above.
• Configure the physical interface by editing the /etc/sysconfig/network-scripts/ifcfg-enp0s25 file, where enp0s25 is the name of the physical interface. The configuration file for the physical interface should look as follows:
DEVICE=enp0s25

TYPE=Ethernet

BOOTPROTO=none

ONBOOT=yes

• Copy the configuration file of the physical interface to a VLAN interface configuration file by appending a .(period) character and the VLAN ID number to the VLAN interface filename:
∘ # cp /etc/sysconfig/network-scripts/ifcfg-enp0s25{,.5}
creates a new file for our VLAN interface, the ID number of which is 5 within the system-wide network directory mentioned above.
• Edit the VLAN interface configuration file so that it matches the following example:
DEVICE=enp0s25.5

BOOTPROTO=static

ONBOOT=yes
IPADDR=192.168.1.1

NETMASK=255.255.255.0

USERCTL=no

NETWORK=192.168.1.0

VLAN=yes

• Restart the networking service
∘ # systemctl restart NetworkManager.service


If the network router is acting as the DHCP server (sharing a single IP address from the ISP), restarting the networking service as mentioned above might display some messages from the router with a different IP address if it's not configured to provide a static address to the interface.

Method 2: Using the vconfig Command

The vconfig program allows you to create and remove vlan-devices on a vlan-enabled kernel. VLAN-devices are virtual ethernet devices which represent the virtual LANs on the physical LAN. To add a virtual interface with ID number 5, for example, execute:
# vconfig add enp0s25 5

# ifconfig enp0s25.5
will show the newly-created VLAN interface along with its configured parameters.
• The ifconfig command can also be used to directly assign an IP address to the VLAN interface:
∘ # ifconfig enp0s25.5 192.168.1.100 255.255.255.0 broadcast 192.168.1.255 up
• To get more detailed information about the interface execute:
∘ # cat /proc/net/vlan/enp0s25


Method 3: ip command for VLANs

∘ # ip link add link enp0s25 name enp0s25.5 type vlan id 5

∘ # ip link

∘ # ip -d link show enp0s25.5
• Once again, as with ifconfig above, assign an IP address to the VLAN interface:
∘ # ip addr add 192.168.1.200/24 brd 192.168.1.255 dev enp0s25.5

∘ # ip link set dev enp0s25.5 up
• The enp0s25 interface will handle the traffic for both, the VLAN's address as well as its own; however, the VLAN's traffic will be tagged with a VLAN ID tag 5. Only VLAN-aware devices can accept the traffic using VLAN tagging.
• To remove the VLAN tagging from the IP packets, use the following commands:
∘ # ip link set dev enp0s25.5 down

∘ # ip link delete enp0s25.5

Popular posts from this blog

Password Policy in RHEL 7

In Red Hat Enterprise Linux 7, the pam_pwquality PAM module replaced pam_cracklib, which was used in Red Hat Enterprise Linux 6 as a default module for password quality checking. It uses the same back end as pam_cracklib.
The code was originally based on pam_cracklib module, and the module is backwards compatible with its options.

The pam_pwquality module can be customized and configured in the file /etc/security/pwquality.conf. The possible options in the file are: difok Number of characters in the new password that must not be present in the old password. (default 5)

minlen Minimum acceptable size for the new password (plus one if credits are not disabled which is the default). (See pam_pwquality(8).) Cannot be set to lower value than 6. (default 9)

dcredit The maximum credit for having digits in the new password. If less than 0 it is the minimum number of digits in the new password. (default 1)

ucredit T…
Read more

Centos 7 pulseaudio

Image
Centos 7 doesn't come with an option for `awesome-wm` installation.  Therefore, the only way to make use of this light-weight tiling manager one has to enable Fedora 19 repo or build the package from source.  For the Fedora 19 repo approach, see:

https://gist.github.com/ILMostro/1909a50e1858d0ee7e10

To use without GDM, GNOME's display manager, and without gnome services, one has to be aware of certain shortcomings that the gnome-services provide by default.  One such shortcoming is the lack of built-in Sound and Volume management.  Never fret, though, as there is a solution; namely, the PulseAudio-focused tools pavucontrol and pavumeter.  These packages are available from the "nux-desktop" repository available at at http://li.nux.ro/repos.html .
nux-desktop My unofficial, as-is, not for profit RPM repositories for EL (RHEL, CentOS, ScientificLinux etc): These repos may or may not be up to date or behave the way you expect them to; use them at your OWN RISK!

Some of…
Read more

wpa_supplicant and wifi in RHEL 7

If you have a desktop environment set up in Red Hat Enterprise Linux 7, chances are that you might have GNOME installed as it is the "default".  NetworkManager is pulled in as a dependency package of GNOME and it's integrated into gnome-shell in the top panel as a widget.  While NetworkManager is a great tool as it consolidates many different networking tools and facilitates the network configuration for many different use-cases, there might be instances where its broad reach becomes an obstacle rather than a benefit to system administrators.  One such instance is when dealing with network bridging.

Recently I was trying to set up a network bridge on my laptop, as it's equipped with a wifi adapter and an ethernet adapter, in order to dedicate the ethernet interface to a virtual machine in Red Hat 7--or at least to "share" it.  Bridged networking (also known as physical device sharing) is used to dedicate a physical device to a virtual machine. 
So, since w…
Read more