Re: Additional config doco for networking
On 12/02/13 01:20, Osamu Aoki wrote:
On Mon, Feb 11, 2013 at 03:42:15PM +1030, Kim wrote:
Hi folks,
I've been working on network config for hosting QEMU VMs on many VLANs.
The combination of multiple-interfaces/bonding/bridging/VLANs is not
on the network config page.
Ideally the target page would be;
http://wiki.debian.org/NetworkConfiguration
As this combination is really useful and not documented anywhere I
can find, what is the process for submitting this doco?
You can login to update pages after making account by your self.
Can I submit the doco in wiki.debian.org wiki markup?
Yes.
One reminder, ... if you are writing an elaborate document, please do
not clutter existing page too much. It is best to put short place
holder to link to new full page document of yours.
Osamu
See: http://wiki.debian.org/DebianWiki for guide to update pages
Attached is the patch for the wiki page.
Ideally, adding a section at the end of the page;
= How to create VMs on VLANs on Bridges on Ethernet Bonding
(Debian/Squeeze) =
If you guys are happy for me to apply this, I'll do it on the weekend.
Comments, suggestions welcome =)
regards,
Kim
= How to create VMs on VLANs on Bridges on Ethernet Bonding (Debian/Squeeze) =
When setting up the network stack for providing many VLANs to your VMs,
sometimes you need more redundancy than offered by a single NIC.
The following configuration example is logically arranged like this;
{{{
VMs => VLANs => Bridges => Bond => many NICs => many switch ports => many switches
}}}
== Additional Packages ==
Additional packages required for Debian/Stable;
* vlan - 802.1q, LACP, VLAN trunking
* ifenslave-2.6 - ethernet bonding or port-channels
* bridge-utils - utilities for configuring the Linux Ethernet bridge
* tcpdump - your friendly packet dumping program to inspect packet flow
Install the package dependencies for the network stack;
{{{
$ sudo apt-get install vlan ifenslave-2.6 bridge-utils tcpdump
}}}
== Changes to /etc/modules ==
To load the required modules, add the following lines to the end of {{{/etc/modules}}}
{{{
8021q
bonding
}}}
== Changes to /etc/network/interfaces ==
There are four parts in the equation;
* ethx - the raw ethernet interfaces
* bond0 - it contains all the ethernet interfaces
* bridges - they link the VLANs to the bond0 interface
* VLANs - they are the networks the VMs ''see''
Each of the following examples need to be edited in {{{/etc/network/interfaces}}}
These are the raw ethernet interfaces, they will be encapsulated
by the bond0 interface and do not need any configuration, so use ''manual''.
{{{
auto eth0
iface eth0 inet manual
auto eth1
iface eth1 inet manual
auto eth2
iface eth2 inet manual
auto eth3
iface eth3 inet manual
}}}
Encapsulate the {{{bond-slaves}}}, ie the raw ethernet interfaces,
using a {{{bond-mode}}} and {{{bond_xmit_hash_policy}}}.
In this case round robin by dest port + ip.
This transmit policy needs to be configured to match your switch configuration.
{{{
# Etherchannel interface - policy; round robin by dest port+ip
auto bond0
iface bond0 inet manual
bond-mode 2
bond-miimon 100
bond_xmit_hash_policy layer2+3
bond_lacp_rate slow
bond-slaves eth0 eth1 eth2 eth3
}}}
For each VLAN you need to present to your VMs, add a bridge interface,
using the VLAN id number in both the interface name and {{{bridge_ports}}} option.
Also make sure you set the {{{vlan-raw-device}}} option to use your bond
interface so it plumbs the packets to the right place.
In the following example {{{bridge_stp}}} has been set to {{{off}}},
match this up with your switch config.
{{{
# 10.0.0.0/24 - VLAN 1000
auto br1000
iface br1000 inet static
network 10.0.0.0
address 10.0.0.1
gateway 10.0.0.254
broadcast 10.0.0.255
netmask 255.255.255.0
vlan-raw-device bond0
bridge_ports bond0.1000
bridge_stp off
}}}
== VM network configuration ==
In the VM configuration for QEMU/KVM setting the network interfaces,
you can use the NIC device model: {{{hypervisor default}}} and select the
source device: {{{bridge 'br1000'}}}, as per the example above.
Reply to: