HOWTO: Enable VLAN support in RedHat 9.0


Introduction

This is a summary of the steps I've taken to set up VLAN support on a vanilla RedHat 9.0 box, more for my own future reference than as a compreehensive setup guide.

The scenario is as follows:

The box we're setting up will be on the default VLAN (usually #1 in Cisco gear) and have access to a DHCP server in VLAN #10. For the sake of simplicity, that DHCP server assigns addresses in the 10.10.0.0/16 address block, and our box's eth0 is statically configured to be 10.0.0.1 (just so that the IP addresses below make sense).

Both boxes are connected to a Cisco switch. See the References section below for links to further information.

Now, on with the show.

Enabling kernel VLAN support:

This is the non-obvious bit:

# echo "VLAN=yes" >> /etc/sysconfig/network

This will load the appropriate kernel module upon reboot, and is the part that I had to wade through the init scripts to figure out (if it's documented somewhere, I definetly missed it).

Setting up the individual VLANs on a switch

Let's assume you have a Cisco switch handy, and that your server is hooked up to port #12. Telnet to the switch and type:

sw>ena
Password:
sw#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
sw(config)#interface fastEthernet 0/12
sw(config)#description RedHat 9 VLAN trunk - it pays to document things
sw(config)#switchport trunk encapsulation dot1q
sw(config)#switchport mode trunk
^Z
sw#

This tells the switch to send VLAN tagging to this port (generally this means all VLANs present in the switch).

Now let's set up the DHCP box at port #11. This machine will only have access to VLAN #10:

sw>ena
Password:
sw#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
sw(config)#interface fastEthernet 0/11
sw(config)#description VLAN 10 test client
sw(config)#switchport access vlan 10
^Z
sw#

Setting up a VLAN interface

Now back to our RedHat 9 box. To add a VLAN interface to the server and bind it to VLAN #10, all you need to do is create a new interface file:

# cat /etc/sysconfig/network-scripts/ifcfg-eth0.10
DEVICE=eth0.10
ONBOOT=yes
BOOTPROTO=dhcp

If you do a service network restart (or reboot), the new interface will pop up alongside the others, with the same MAC address but no hardware info:

# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:XX:XX:XX:XX:07
          inet addr:10.0.0.1  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:217 errors:0 dropped:0 overruns:0 frame:0
          TX packets:119 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:24863 (24.2 Kb)  TX bytes:17256 (16.8 Kb)
          Interrupt:5 Base address:0x1000 Memory:fc500000-fc500038

eth0.10   Link encap:Ethernet  HWaddr 00:XX:XX:XX:XX:07
          inet addr:10.10.0.251 Bcast:10.10.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1238 (1.2 Kb)  TX bytes:3544 (3.4 Kb)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:560 (560.0 b)  TX bytes:560 (560.0 b)

Adding Routes

Interface-specific routing for the above interface can be added by creating a file called route-eth0.10 (the default gateway is still the one associated with your gateway device (usually available in the environment the scripts run in as $GATEWAYDEV):

# cat /etc/sysconfig/network-scripts/route-eth0.10
10.1.1.0/24 via 10.10.0.254
192.168.51.0/24 via 10.10.0.254

Getting VLAN info from the kernel

The interesting part comes when you need to figure out what VLANs are defined on a box without going through the interfaces list. The kernel stores that info in the /proc/net/vlan directory, with a master config entry like so:

# cat /proc/net/vlan/config
VLAN Dev name    | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
eth0.10        | 10  | eth0

You can also get information on a specific VLAN interface like this:

# cat /proc/net/vlan/eth0.10
eth0.10  VID: 10         REORDER_HDR: 1  dev->priv_flags: 1
         total frames received:           10
          total bytes received:         1238
      Broadcast/Multicast Rcvd:            0

      total frames transmitted:           16
       total bytes transmitted:         3544
            total headroom inc:            0
           total encap on xmit:           16
Device: eth0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
EGRESSS priority Mappings:

Conclusion and References

And that's it. Stuff like priority mappings is not that interesting for most people, but anyone wanting to know more about VLAN support for Linux can visit the 802.1Q VLAN implementation for Linux page, which has links to further information.


See Also: