Repository :
http://git.fedorahosted.org/cgit/docs/networking-guide.git
On branch : master
---------------------------------------------------------------
commit 3d6ee482e19057e3aaa351439858e03984ac9d79
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Thu Jul 17 21:48:45 2014 +0200
Updates after technical review
Thanks to J Tluka, Pavlix, and Petr Pisar for their help.
---------------------------------------------------------------
en-US/Configure_802_1Q_VLAN_Tagging.xml | 61 ++++++++++++++++++-------------
1 files changed, 35 insertions(+), 26 deletions(-)
diff --git a/en-US/Configure_802_1Q_VLAN_Tagging.xml
b/en-US/Configure_802_1Q_VLAN_Tagging.xml
index 10b1748..368fbf7 100644
--- a/en-US/Configure_802_1Q_VLAN_Tagging.xml
+++ b/en-US/Configure_802_1Q_VLAN_Tagging.xml
@@ -89,7 +89,7 @@
<bridgehead
id="bh-Saving_Your_New_or_Modified_Connection_and_Making_Further_Configurations-VLAN">Saving
Your New (or Modified) Connection and Making Further Configurations</bridgehead>
- <para>Once you have finished editing your VLAN connection, click the
<guibutton>Save</guibutton> button and
<application>NetworkManager</application> will immediately save your
customized configuration. Given a correct configuration, you can connect to your new or
customized connection by selecting it from the Notification Area applet. See <xref
+ <para>Once you have finished editing your VLAN connection, click the
<guibutton>Save</guibutton> button and
<application>NetworkManager</application> will immediately save your
customized configuration. Given a correct configuration, you can connect to your new or
customized connection by selecting it from the network connection icon's menu. See
<xref
linkend="sec-Connecting_to_a_Network_Using_a_GUI"/> for
information on using your new or altered connection.</para>
<para>You can further configure an existing connection by selecting it in
the <guilabel>Network</guilabel> window and clicking
<guilabel>Options</guilabel> to return to the
<guilabel>Editing</guilabel> dialog.</para>
<para>Then, to configure:</para>
@@ -184,7 +184,7 @@ ONBOOT=yes</screen>
</step>
<step>
<para>
- Configure the VLAN interface configuration in the <filename
class="directory">/etc/sysconfig/network-scripts/</filename> directory.
The configuration file name should be the physical interface plus a
<literal>.</literal> character plus the VLAN ID number. For example, if the
VLAN ID is 192, and the physical interface is <interface>eth0</interface>,
then the configuration file name should be
<filename>ifcfg-eth0.192</filename>:</para>
+ Configure the VLAN interface configuration in the <filename
class="directory">/etc/sysconfig/network-scripts/</filename> directory.
The configuration file name should be the physical interface plus a
<literal>.</literal> character plus the VLAN ID number. For example, if the
VLAN ID is 192, and the physical interface is <replaceable>eth0</replaceable>,
then the configuration file name should be
<filename>ifcfg-eth0.192</filename>:</para>
<screen>DEVICE=ethX.192
BOOTPROTO=none
ONBOOT=yes
@@ -192,15 +192,14 @@ IPADDR=192.168.1.1
NETMASK=255.255.255.0
USERCTL=no
NETWORK=192.168.1.0
-VLAN=yes
-NM_CONTROLLED=no</screen>
+VLAN=yes</screen>
<para>
- If there is a need to configure a second VLAN, with for example, VLAN ID 193, on
the same interface, <interface>eth0</interface>, add a new file with the name
<filename>eth0.193</filename> with the VLAN configuration
details.</para>
+ If there is a need to configure a second VLAN, with for example, VLAN ID 193, on
the same interface, <replaceable>eth0</replaceable>, add a new file with the
name <filename>eth0.193</filename> with the VLAN configuration
details.</para>
</step>
<step>
<para>
Restart the networking service in order for the changes to take effect. As
<systemitem class="username">root</systemitem> issue the following
command:</para>
- <screen>~]# <command>systemctl network
restart</command></screen>
+ <screen>~]# <command>systemctl restart
network</command></screen>
</step>
</procedure>
</section>
@@ -210,47 +209,57 @@ NM_CONTROLLED=no</screen>
<section id="sec-Configure_802_1Q_VLAN_Tagging_ip_Commands">
<title>Configure 802.1Q VLAN Tagging Using ip Commands</title>
<para>
-To create an 802.1Q VLAN interface on Ethernet interface
<interface>eth0</interface>, with name
<interface>VLAN8</interface> and ID <literal>8</literal>, issue a
command as <systemitem class="username">root</systemitem> as
follows:
- <screen>~]$ <command>ip link add link eth0 name eth0.8 type vlan id
8</command></screen>
+To create an 802.1Q VLAN interface on Ethernet interface
<replaceable>eth0</replaceable>, with name
<replaceable>VLAN8</replaceable> and ID <literal>8</literal>,
issue a command as <systemitem class="username">root</systemitem> as
follows:
+ <screen>~]# <command>ip link add link
<replaceable>eth0</replaceable> name
<replaceable>eth0.8</replaceable> type vlan id
8</command></screen>
To view the VLAN, issue the following command:
- <screen>~]$ <command>ip link</command>
-eth0.8@eth0: <ROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UP mode DEFAULT</screen>
+ <screen>~]$ <command>ip -d link show
<replaceable>eth0.8</replaceable></command>
+4: eth0.8@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP mode DEFAULT
+ link/ether 52:54:00:ce:5f:6c brd ff:ff:ff:ff:ff:ff promiscuity 0
+ vlan protocol 802.1Q id 8 <REORDER_HDR></screen>
+</para>
+<para>
+ Note that the <application>ip</application> utility interprets the VLAN ID
as a hexadecimal value if it is preceded by <literal>0x</literal> and as an
octal value if it has a leading <literal>0</literal>. This means that in order
to assign a VLAN ID with a decimal value of <literal>22</literal>, you must
not add any leading zeros.
</para>
<para>
To remove the VLAN, issue a command as <systemitem
class="username">root</systemitem> as follows:
- <screen>~]# <command>ip link delete eth0.8</command></screen>
+ <screen>~]# <command>ip link delete
<replaceable>eth0.8</replaceable></command></screen>
</para>
<para>
VLAN interfaces created using <application>ip</application> commands at the
command prompt will be lost if the system is shutdown or restarted. To configure VLAN
interfaces to be persistent after a system restart, use
<filename>ifcfg</filename> files. See <xref
linkend="sec-Setting_Up_802.1Q_VLAN_Tagging_Using_ifcfg_Files" />
</para>
</section>
- <section
id="sec-Configure_802_1Q_VLAN_Tagging_sec-Using_the_NetworkManager_Command_Line_Tool_nmcli">
- <title>Configure 802.1Q VLAN Tagging Using the NetworkManager Command Line
Tool, nmcli</title>
+<section
id="sec-Configure_802_1Q_VLAN_Tagging_Using_the_Command_Line_Tool_nmcli">
+ <title>Configure 802.1Q VLAN Tagging Using the Command Line Tool,
nmcli</title>
<para>
- To create an 802.1Q VLAN connection profile for Ethernet interface
<interface>eth0</interface>, with name
<interface>VLAN10</interface> and ID <literal>10</literal>, issue
a command as follows:
- <screen>~]$ <command>nmcli con add type vlan ifname VLAN10 dev eth0 id
10</command>
+ To create an 802.1Q VLAN interface on Ethernet interface
<replaceable>eth0</replaceable>, with VLAN interface
<replaceable>VLAN10</replaceable> and ID <literal>10</literal>,
issue a command as follows:
+ <screen>~]$ <command>nmcli con add type vlan ifname
<replaceable>VLAN10</replaceable> dev
<replaceable>eth0</replaceable> id 10</command>
Connection 'vlan-VLAN10' (37750b4a-8ef5-40e6-be9b-4fb21a4b6d17) successfully
added.</screen>
-Further options for the VLAN command are listed in the VLAN section of the
<filename>nmcli(1)</filename> man page. In the man pages the device on which
the VLAN is created is referred to as the parent device. In the example above the device
was specified by its interface name, <interface>eth0</interface>, it can also
be specified by the connections UUID or MAC address.
+Note that as no <option>con-name</option> was given for the VLAN interface,
the name was derived from the interface name by prepending the type. Alternatively,
specify a name with <option>con-name</option> as follows:
+<screen>~]$ <command>nmcli con add type vlan con-name
<replaceable>VLAN12</replaceable> dev
<replaceable>eth0</replaceable> id 12</command>
+Connection 'VLAN12' (b796c16a-9f5f-441c-835c-f594d40e6533) successfully
added.</screen>
+</para>
+<para>
+Further options for the VLAN command are listed in the VLAN section of the
<filename>nmcli(1)</filename> man page. In the man pages the device on which
the VLAN is created is referred to as the parent device. In the example above the device
was specified by its interface name, <interface>eth0</interface>, it can also
be specified by the connection UUID or MAC address.
</para>
<para>
- To create an 802.1Q VLAN connection profile with ingress priority mapping on
Ethernet interface <interface>eth1</interface>, with name
<interface>VLAN1</interface> and ID <literal>13</literal>, issue a
command as follows:
- <screen>~]$ <command>nmcli con add type vlan con-name VLAN1 dev eth2
id 13 ingress "2:3,3:5"</command></screen>
+ To create an 802.1Q VLAN connection profile with ingress priority mapping on
Ethernet interface <replaceable>eth1</replaceable>, with name
<interface>VLAN1</interface> and ID <literal>13</literal>, issue a
command as follows:
+ <screen>~]$ <command>nmcli con add type vlan con-name
<replaceable>VLAN1</replaceable> dev
<replaceable>eth2</replaceable> id 13 ingress
"2:3,3:5"</command></screen>
</para>
<para>
To view all the parameters associated with the VLAN created above, issue a command as
follows:
- <screen>~]$ <command>nmcli connection show configured
vlan-VLAN10</command></screen>
+ <screen>~]$ <command>nmcli connection show
<replaceable>vlan-VLAN10</replaceable></command></screen>
</para>
<para>
To change the MTU, issue a command as follows:
- <screen>~]$ <command>nmcli connection modify vlan-VLAN10 802.mtu
1496</command></screen>
- The MTU setting determines the maximum size of the network layer packet. The
maximum size of the payload the link layer frame can carry in turn limits the network
layer MTU. For standard Ethernet frames this means an MTU of 1500 bytes. It should not be
necessary to change the MTU when setting up a VLAN as the link layer header is increased
in size by 4 bytes to accommodate the 802.1Q tag.
+ <screen>~]$ <command>nmcli connection modify
<replaceable>vlan-VLAN10</replaceable> 802.mtu
1496</command></screen>
+ The MTU setting determines the maximum size of the network layer packet. The
maximum size of the payload the link-layer frame can carry in turn limits the network
layer MTU. For standard Ethernet frames this means an MTU of 1500 bytes. It should not be
necessary to change the MTU when setting up a VLAN as the link-layer header is increased
in size by 4 bytes to accommodate the 802.1Q tag.
</para>
<para>
At time of writing, <literal>connection.interface-name</literal> and
<literal>vlan.interface-name</literal> have to be the same (if they are set).
They must therefore be changed simultaneously using
<application>nmcli</application>'s interactive mode. To change a VLAN
connections name, issue commands as follows:
- <screen>~]$ <command>nmcli con edit vlan-VLAN10</command>
-nmcli> <command>set vlan.interface-name superVLAN</command>
-nmcli> <command>nmcli con edit vlan-VLAN10</command>
+ <screen>~]$ <command>nmcli con edit
<replaceable>vlan-VLAN10</replaceable></command>
+nmcli> <command>set vlan.interface-name
<replaceable>superVLAN</replaceable></command>
+nmcli> <command>set connection.interface-name
<replaceable>superVLAN</replaceable></command>
nmcli> <command>save</command>
nmcli> <command>quit</command></screen>
</para>
@@ -273,11 +282,11 @@ nmcli> <command>quit</command></screen>
</para>
</listitem>
</itemizedlist>
-The state of the VLAN is synchronized to the state of the parent or master interface (the
interface or device on which the VLAN is created). If the parent interface is set to the
<quote>down</quote> administrative state then all associated VLANs are set
down and all routes are flushed from the routing table. Flag
<literal>0x04</literal> enables a <firstterm>loose
binding</firstterm> mode, in which only the operational state is passed from the
parent to the associated VLANs, but the VLAN device state is not changed.
+The state of the VLAN is synchronized to the state of the parent or master interface (the
interface or device on which the VLAN is created). If the parent interface is set to the
<quote>down</quote> administrative state then all associated VLANs are set
down and all routes are flushed from the routing table. Flag
<literal>0x04</literal> enables a <firstterm>loose
binding</firstterm> mode, in which only the operational state is passed from the
parent to the associated VLANs, but the VLAN device state is not changed.
</para>
<para>
To set a VLAN flag, issue a command as follows:
- <screen>~]$ <command>nmcli connection modify vlan-VLAN10 vlan.flags
0x01</command></screen>
+ <screen>~]$ <command>nmcli connection modify vlan-VLAN10 vlan.flags
1</command></screen>
</para>
<para>
See <xref linkend="sec-Using_the_NetworkManager_Command_Line_Tool_nmcli"
/> for an introduction to <application>nmcli</application>