Repository : http://git.fedorahosted.org/cgit/docs/networking-guide.git On branch : master commit b78e4f9a8352de20ce1d7ff00d79ebd2bf282955 Author: Stephen Wadeley <swadeley(a)redhat.com&gt; Date: Thu Dec 18 22:56:19 2014 +0100 Improvements to 802.1Q VLAN from the upstream version en-US/Configure_802_1Q_VLAN_Tagging.xml | 92 +++++++++++++++++++++++++++--- 1 files changed, 82 insertions(+), 10 deletions(-) diff --git a/en-US/Configure_802_1Q_VLAN_Tagging.xml b/en-US/Configure_802_1Q_VLAN_Tagging.xml index f6bdd43..dc5852c 100644 --- a/en-US/Configure_802_1Q_VLAN_Tagging.xml +++ b/en-US/Configure_802_1Q_VLAN_Tagging.xml @@ -104,7 +104,7 @@ Some older network interface cards, loopback interfaces, Wimax cards, and some I </step> <step> - <para>Select the connection you wish to edit and click the <guilabel>Options</guilabel> button.</para> + <para>Select the connection you want to edit and click the <guilabel>Options</guilabel> button.</para> </step> <step> <para>Select the <guilabel>General</guilabel> tab.</para> @@ -136,7 +136,7 @@ Some older network interface cards, loopback interfaces, Wimax cards, and some I <bridgehead id="bh-Saving_Your_New_or_Modified_Connection_and_Making_Further_Configurations-VLAN">Saving Your New (or Modified) Connection and Making Further Configurations</bridgehead> - <para>Once you have finished editing your VLAN connection, click the <guibutton>Save</guibutton> button to save your customized configuration. To make <application>NetworkManager</application> apply the changes, power cycle the interface. See <xref + <para>Once you have finished editing your VLAN connection, click the <guibutton>Save</guibutton> button to save your customized configuration. If the profile was in use while being edited, power cycle the connection to make <application>NetworkManager</application> apply the changes. If the profile is OFF, set it to ON. See <xref linkend="sec-Connecting_to_a_Network_Using_a_GUI"/> for information on using your new or altered connection.</para> <para>You can further configure an existing connection by selecting it in the <guilabel>Network</guilabel> window and clicking <guilabel>Options</guilabel> to return to the <guilabel>Editing</guilabel> dialog.</para> <para>Then, to configure:</para> @@ -223,7 +223,7 @@ See the <filename>modprobe(8)</filename> man page for more command options. <section id="sec-Setting_Up_802.1Q_VLAN_Tagging_Using_ifcfg_Files"> <title>Setting Up 802.1Q VLAN Tagging Using ifcfg Files</title> <procedure> - <step><para>Configure your physical interface in <filename>/etc/sysconfig/network-scripts/ifcfg-eth<replaceable>X</replaceable></filename>, where <replaceable>X</replaceable> is a unique number corresponding to a specific interface, as follows:</para> + <step><para>Configure the parent interface in <filename>/etc/sysconfig/network-scripts/ifcfg-eth<replaceable>X</replaceable></filename>, where <replaceable>X</replaceable> is a unique number corresponding to a specific interface, as follows:</para> <screen>DEVICE=ethX TYPE=Ethernet BOOTPROTO=none @@ -231,7 +231,7 @@ ONBOOT=yes</screen> </step> <step> <para> - Configure the VLAN interface configuration in the <filename class="directory">/etc/sysconfig/network-scripts/</filename> directory. The configuration file name should be the physical interface plus a <literal>.</literal> character plus the VLAN ID number. For example, if the VLAN ID is 192, and the physical interface is <replaceable>eth0</replaceable>, then the configuration file name should be <filename>ifcfg-eth0.192</filename>:</para> + Configure the VLAN interface configuration in the <filename class="directory">/etc/sysconfig/network-scripts/</filename> directory. The configuration file name should be the parent interface plus a <literal>.</literal> character plus the VLAN ID number. For example, if the VLAN ID is 192, and the parent interface is <replaceable>eth0</replaceable>, then the configuration file name should be <filename>ifcfg-eth0.192</filename>:</para> <screen>DEVICE=ethX.192 BOOTPROTO=none ONBOOT=yes @@ -250,8 +250,6 @@ VLAN=yes</screen> </procedure> </section> -</section> - <section id="sec-Configure_802_1Q_VLAN_Tagging_ip_Commands"> <title>Configure 802.1Q VLAN Tagging Using ip Commands</title> <para> @@ -272,23 +270,97 @@ To create an 802.1Q VLAN interface on Ethernet interface <replaceable>eth0</repl </para> <note> <para> - VLAN interfaces created using <application>ip</application> commands on the command line will be lost if the system is shutdown or restarted. To configure VLAN interfaces to be persistent after a system restart, use <filename>ifcfg</filename> files. See <xref linkend="sec-Setting_Up_802.1Q_VLAN_Tagging_Using_ifcfg_Files" /> + VLAN interfaces created using <application>ip</application> commands at the command prompt will be lost if the system is shutdown or restarted. To configure VLAN interfaces to be persistent after a system restart, use <filename>ifcfg</filename> files. See <xref linkend="sec-Setting_Up_802.1Q_VLAN_Tagging_Using_ifcfg_Files" /> </para> </note> </section> +</section> <section id="sec-Configure_802_1Q_VLAN_Tagging_Using_the_Command_Line_Tool_nmcli"> <title>Configure 802.1Q VLAN Tagging Using the Command Line Tool, nmcli</title> + <para> + To view the available interfaces on the system, issue a command as follows: + <screen>~]$&nbsp;<command>nmcli con show</command> +NAME UUID TYPE DEVICE +System eth1 9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c04 802-3-ethernet eth1 +System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 802-3-ethernet eth0</screen> +Note that the NAME field in the output always denotes the connection ID. It is not the interface name even though it might look the same. +The ID can be used in <command>nmcli connection</command> commands to identify a connection. Use the DEVICE name with other applications such as <systemitem class="daemon">firewalld</systemitem>. + </para> <para> To create an 802.1Q VLAN interface on Ethernet interface <replaceable>eth0</replaceable>, with VLAN interface <replaceable>VLAN10</replaceable> and ID <literal>10</literal>, issue a command as follows: <screen>~]$&nbsp;<command>nmcli con add type vlan ifname <replaceable>VLAN10</replaceable> dev <replaceable>eth0</replaceable> id 10</command> Connection 'vlan-VLAN10' (37750b4a-8ef5-40e6-be9b-4fb21a4b6d17) successfully added.</screen> -Note that as no <option>con-name</option> was given for the VLAN interface, the name was derived from the interface name by prepending the type. Alternatively, specify a name with <option>con-name</option> as follows: +Note that as no <option>con-name</option> was given for the VLAN interface, the name was derived from the interface name by prepending the type. Alternatively, specify a name with the <option>con-name</option> option as follows: <screen>~]$&nbsp;<command>nmcli con add type vlan con-name <replaceable>VLAN12</replaceable> dev <replaceable>eth0</replaceable> id 12</command> Connection 'VLAN12' (b796c16a-9f5f-441c-835c-f594d40e6533) successfully added.</screen> </para> + +<bridgehead id="bh-Assigning_Addresses_to_VLAN_Interfaces">Assigning Addresses to VLAN Interfaces</bridgehead> +<para> + You can use the same <application>nmcli</application> commands to assign static and dynamic interface addresses as with any other interface.</para> + <para> + For example, a command to create a VLAN interface with a static <systemitem class="protocol">IPv4</systemitem> address and gateway is as follows: + <screen>~]$&nbsp;<command>nmcli con add type vlan con-name <replaceable>VLAN20</replaceable> ifname <replaceable>eth0</replaceable> ip4 10.10.10.10/24 \</command> +<command>gw4 10.10.10.254</command></screen></para> +<para> +To create a VLAN interface with dynamically assigned addressing, issue a command as follows: + <screen>~]$&nbsp;<command>nmcli con add type vlan con-name <replaceable>VLAN30</replaceable> ifname <replaceable>eth0</replaceable></command></screen> + </para> + <para> + See <xref linkend="sec-Connecting_to_a_Network_Using_nmcli" /> for examples of using <application>nmcli</application> commands to configure interfaces. + </para> + +<para> + To review the VLAN interfaces created, issue a command as follows: + <screen>~]$&nbsp;<command>nmcli con show</command> +NAME UUID TYPE DEVICE +VLAN12 4129a37d-4feb-4be5-ac17-14a193821755 vlan eth0.12 +System eth1 9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c04 802-3-ethernet eth1 +System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 802-3-ethernet eth0 +vlan-VLAN10 1be91581-11c2-461a-b40d-893d42fed4f4 vlan VLAN10</screen> + +</para> +<para> + To view detailed information about the newly configured connection, issue a command as follows: + <screen>~]$&nbsp;<command>nmcli -p con show <replaceable>VLAN12</replaceable></command> +=============================================================================== + Connection profile details (VLAN12) +=============================================================================== +connection.id: VLAN12 +connection.uuid: 4129a37d-4feb-4be5-ac17-14a193821755 +connection.interface-name: -- +connection.type: vlan +connection.autoconnect: yes +<lineannotation>…</lineannotation> +------------------------------------------------------------------------------- +802-3-ethernet.port: -- +802-3-ethernet.speed: 0 +802-3-ethernet.duplex: -- +802-3-ethernet.auto-negotiate: yes +802-3-ethernet.mac-address: -- +802-3-ethernet.cloned-mac-address: -- +802-3-ethernet.mac-address-blacklist: +802-3-ethernet.mtu: auto +<lineannotation>…</lineannotation> +vlan.interface-name: -- +vlan.parent: eth0 +vlan.id: 12 +vlan.flags: 0 (NONE) +vlan.ingress-priority-map: +vlan.egress-priority-map: +------------------------------------------------------------------------------- +=============================================================================== + Activate connection details (4129a37d-4feb-4be5-ac17-14a193821755) +=============================================================================== +GENERAL.NAME: VLAN12 +GENERAL.UUID: 4129a37d-4feb-4be5-ac17-14a193821755 +GENERAL.DEVICES: eth0.12 +GENERAL.STATE: activating +<lineannotation>[output truncated]</lineannotation></screen> +</para> <para> -Further options for the VLAN command are listed in the VLAN section of the <filename>nmcli(1)</filename> man page. In the man pages the device on which the VLAN is created is referred to as the parent device. In the example above the device was specified by its interface name, <interface>eth0</interface>, it can also be specified by the connection UUID or MAC address. +Further options for the VLAN command are listed in the VLAN section of the <filename>nmcli(1)</filename> man page. In the man pages the device on which the VLAN is created is referred to as the parent device. In the example above the device was specified by its interface name, <literal>eth0</literal>, it can also be specified by the connection UUID or MAC address. </para> <para> To create an 802.1Q VLAN connection profile with ingress priority mapping on Ethernet interface <replaceable>eth1</replaceable>, with name <interface>VLAN1</interface> and ID <literal>13</literal>, issue a command as follows: @@ -337,7 +409,7 @@ The state of the VLAN is synchronized to the state of the parent or master inter <screen>~]$&nbsp;<command>nmcli connection modify vlan-VLAN10 vlan.flags 1</command></screen> </para> <para> - See <xref linkend="sec-Using_the_NetworkManager_Command_Line_Tool_nmcli" /> for an introduction to <application>nmcli</application> + See <xref linkend="sec-Using_the_NetworkManager_Command_Line_Tool_nmcli" /> for an introduction to <application>nmcli</application>. </para> </section>