VLANs on Linux
Linux has long been able to connect to VLAN trunks with a kernel patch, and the functionality was integrated into the mainstream kernel in 2.4.14. Kernel 2.6 also supports VLAN trunking.
In order to use 802.1q trunking, simply set the CONFIG_VLAN_8021Q option when configuring your kernel. Depending on what Ethernet card you have, you may need to patch the driver to make VLANs work correctly. This process is discussed in greater detail later in the article.
As mentioned earlier, 802.1q works by tagging each frame with a 4-byte VLAN identifier. However, some Ethernet drivers assume the maximum frame size is 1,500 bytes. The addition of the 4-byte tag does not leave as much room for data. Thus, although small packets are sent and received correctly, large packets fail. The solution is either to drop the MTU of the VLAN device or to correct the assumptions of the driver.
Patches are available on the Linux VLAN Web site for a variety of cards (see Resources). Several drivers work correctly out of the box (or tar.gz, as the case may be), including the e100 driver for Intel-based cards.
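The frame-size arithmetic behind the MTU problem described above, as an added example (not code from the original article). It assumes a driver that rejects frames longer than 1,514 bytes (14-byte Ethernet header plus 1,500 bytes of payload, FCS excluded); the function names and the sample MAC addresses are made up for illustration.

```python
import struct

TPID_8021Q = 0x8100                    # EtherType value that marks an 802.1q tag
ETH_HEADER = 14                        # dst MAC (6) + src MAC (6) + EtherType (2)
TAG_LEN = 4                            # TPID (2) + TCI (2)
DRIVER_MAX_FRAME = ETH_HEADER + 1500   # assumed limit of an unpatched driver


def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert an 802.1q tag between the source MAC and the EtherType."""
    if not 1 <= vid <= 4094:           # VLAN IDs 0 and 4095 are reserved
        raise ValueError(f"invalid VLAN ID {vid}")
    tci = ((pcp & 0x7) << 13) | vid    # PCP (3 bits), DEI (1 bit, 0), VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_tag(frame: bytes):
    """Return (vid, pcp, inner_ethertype), or None for an untagged frame."""
    if len(frame) < ETH_HEADER + TAG_LEN:
        return None
    tpid, tci, inner = struct.unpack("!HHH", frame[12:18])
    if tpid != TPID_8021Q:
        return None
    return tci & 0x0FFF, tci >> 13, inner


def fits_driver(frame: bytes, limit: int = DRIVER_MAX_FRAME) -> bool:
    """True if the driver's assumed maximum frame size accepts this frame."""
    return len(frame) <= limit


def safe_vlan_mtu(limit: int = DRIVER_MAX_FRAME) -> int:
    """Largest VLAN-device MTU whose tagged frames still fit the limit."""
    return limit - ETH_HEADER - TAG_LEN


def build_frame(payload_len: int) -> bytes:
    """Constructed sample: untagged IPv4 frame with a zero-filled payload."""
    dst = bytes.fromhex("ffffffffffff")
    src = bytes.fromhex("020000000001")   # locally administered, made up
    return dst + src + struct.pack("!H", 0x0800) + bytes(payload_len)


if __name__ == "__main__":
    for size in (64, 1496, 1500):         # small, largest safe, full-size payload
        tagged = add_tag(build_frame(size), vid=2)
        print(size, len(tagged), parse_tag(tagged), fits_driver(tagged))
```

A full 1,500-byte payload produces a 1,518-byte tagged frame, which is why small packets pass and large ones fail until the VLAN device MTU is lowered to 1,496 or the driver is patched.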
Configuring VLANs under Linux is a process similar to configuring regular Ethernet interfaces. The main difference is you first must attach each VLAN to a physical device. This is accomplished with the vconfig utility. If the trunk device itself is configured, it is treated as native. For example, these commands define VLANs 2-4 on device eth0:
vconfig add eth0 2
vconfig add eth0 3
vconfig add eth0 4
The vconfig program can set a variety of other options, including device-naming conventions. Hereafter, these are assumed to be at their defaults.
Once the virtual interfaces are defined, they can be used in the same way as other interfaces. The standard utilities, such as ifconfig and route, all accept VLAN interfaces and behave as expected. For example, all VLAN interfaces can be listed with ifconfig -a.
Depending on your distribution, support may be available for automatically configuring VLANs on startup. Debian 3.0 or greater supports this, but Red Hat and Fedora currently do not. For other distributions, you simply need to write a script that executes vconfig prior to the main network startup scripts.
Because the configuration interfaces for different brands of switches all are different, the focus of this section is the common Cisco 2924. All switch configurations are from this model but should work with little change on other IOS-based switches. A variety of configuration commands are related to trunking, but only the most basic are covered here. The samples also assume the ports all have a default configuration. Specifically, this means all ports are configured as access ports in VLAN 1.
This article focuses on the Linux side of the configuration, so only a basic explanation of the switch commands is given. Listing 1 is a configuration fragment that could be entered into a Cisco Catalyst 2924 switch. See Resources for URLs to complete documentation of these commands.
Listing 1. Configuring a Cisco Catalyst 2924 Switch
interface FastEthernet 0/1
 switchport mode trunk
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 1
interface FastEthernet 0/2
 switchport access vlan 2
The commands here are fairly self-explanatory if you are familiar with the VLAN terminology presented earlier. Briefly, the first section converts the first port into a trunk running 802.1q encapsulation with native VLAN 1. The second section simply moves port 2 into VLAN 2.
It is important to see how VLANs are configured and operating on the switch. The first task is to see the status of a particular port. This can be done with the show interfaces <interface> switchport command.
Listing 2. show interfaces <interface> switchport
#show interfaces FastEthernet 0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Disabled
Access Mode VLAN: 0 ((Inactive))
Trunking Native Mode VLAN: 1 (VLAN0001)
Trunking VLANs Enabled: ALL
Trunking VLANs Active: 1-5
Pruning VLANs Enabled: 6-1001
...
Probably the most useful command is the show vlan command. It shows you a table indicating which ports are in which VLANs.