linux bridge two NICs with multiple VLANs and assign virtual IP
I'm trying to do some testing of linux bridging. I have a server with two NICs (eth1/eth2) and i want to bridge together, use multiple VLAN tags and assign an IP to a virtual interface in each VLAN for me to ping.
I have this so far:
ip link add br0 type bridge vlan_filtering 1
bridge vlan add dev br0 vid 1000 self
bridge vlan add dev br0 vid 1001 self
bridge vlan add dev eth1 vid 1000 pvid
bridge vlan add dev eth2 vid 1000 pvid
bridge vlan add dev eth1 vid 1001 pvid
bridge vlan add dev eth2 vid 1001 pvid
The bridge looks ok to me
bash-5.0# bridge vlan
port vlan ids
eth1 1000 PVID
1001 PVID
eth2 1000 PVID
1001 PVID
br0 1000 PVID
1001 PVID
But now i want to put something i can ping into vlan 1000 and vlan1001 to test Was trying to do this with a dummy interface but can't seem to make that work
Any tips? I believe the bridge config is good. We're expecting everything to be tagged
I assume you have a trunk mode with allowed VLANs 1000 and 1001 with LACP port-channel on your switch side?
if you are not using netplan, here is a network configuration file for you:
user@ubuntu-01:~$ cat /etc/network/interfaces
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto bond0
iface bond0 inet manual
slaves eth0 eth1
bond_mode 802.3ad
bond_miimon 100
auto vlan1000
iface vlan1000 inet manual
vlan_raw_device bond0
auto vlan1001
iface vlan1001 inet manual
vlan_raw_device bond0
auto br1000
iface br1000 inet static
bridge_ports vlan1000
address 192.168.1.200
netmask 255.255.255.0
gateway 192.168.1.254
dns-nameservers 8.8.8.8
auto xenbr1001
iface xenbr1001 inet manual
bridge_ports vlan1001
#IP IF NEEDED
#otherwise you may assign this bridge to the related VMs, containers etc
address 192.168.2.200
netmask 255.255.255.0
To apply just use ifup: sudo ifup bond0; sudo ifup br1000; sudo ifup br1001;
OR
Restart network service
OR
Reboot the machine
The easy way is use netplan.
I let you a example of how configure a VLAN using Netplan, To create a VLAN Interface you need follow these basic steps:
- Configure a Bridge Interface this is because virtual interfaces exist on the same physical interface
- Create sub interface to link a specific VLAN.
- Configure each sub interface and asign to virtual interface
- Link each virtual interface to VLAN ID and Physical interface
network:
ethernets:
# Disable DHCP to set IP address on interface enp6s0f0
enp6s0f0:
dhcp4: false
# Disable DHCP to set IP address on interface enp6s0f1
# Set Static IP Address.
enp6s0f1:
dhcp4: false
addresses: [192.168.0.10/24]
gateway4: 192.168.0.254
bridges:
# Create Bridge br0 on enp6s0f0
br0:
# Allow Bridge interface get IP address from DHCP using VLAN 0 / not tag
dhcp4: true
dhcp6: false
interfaces: [enp6s0f0]
# Create Bridge br0.10
br0.10:
# Link br0.10 to Virtual Interface vlan.10 this is a name only
interfaces: [vlan.10]
# Set static IP address on Virtual Interface
addresses: [192.168.1.10/24]
gateway4: 192.168.1.254
nameservers:
addresses:
- 8.8.8.8
- 8.8.4.4
parameters:
stp: false
forward-delay: 0
# Create Bridge interface br0.20
br0.20:
# Link br0.20 to Virtual Interface vlan.20 this is a name only
interfaces: [vlan.20]
parameters:
stp: false
forward-delay: 0
#Link virtual interface to VLAN
vlans:
# Link virtual interface vlan.10 and VLAN 10
vlan.10:
link: enp6s0f0
id: 10
# Link virtual interface vlan.20 and VLAN 20
vlan.20:
link: enp6s0f0
id: 20
version: 2
In this example the some virtual interfaces doesn't have IP address. If you need set a IP address the address is set on sub interfaces br0.X.
Netplan Doc