[arch-general] [Solved] Re: VLAN config works only partially
Rainer Dorsch
ml at bokomoko.de
Sat Jan 22 18:47:34 UTC 2022
Excellent explanation Thore, many thanks.
I had VLAN ID1 marked as tagged on this port. I just added experimentally VLAN
ID99 as untagged (1,2,7 as before tagged). That immediately solved the problem
:-).
I was not aware that I can mix tagged and untagged ids on one port. But that
is a nice feature.
Thanks again for the explanation.
Rainer
Am Samstag, 22. Januar 2022, 18:50:48 CET schrieben Sie:
> Hi,
>
> I think your issue might be that you seem to have DHCP enabled for the
> enp2s0.network *and* enp2s0.1 which appear to be in the same layer 2
> domain.
>
> Usually VLAN id 1 is implicit as untagged/default.
> So if you configured the switch port to add VLAN ids 2 and 7 in tagged
> mode, VLAN id 1 likely remained the default untagged VLAN on this
> port.
> In this case, you don't need to define a VLAN device for VLAN id 1 as
> it already accesible directly on enp2s0.
>
> If you truely want to separate these 3 VLANs into their own VLAN
> devices, you should configure a different VLAN as untagged on this
> port (in the switch) and also stop doing DHCP on enp2s0 (only do that on
> the VLAN interfaces).
>
>
> Cheers,
> Thore
>
> On 22.01.22 18:40, Rainer Dorsch via arch-general wrote:
> > Hi,
> >
> > I configured my network with multiple VLANs. I started with the
> > description at
> >
> > https://wiki.archlinux.org/title/VLAN#systemd-networkd
> >
> >
> >
> > My current configuration:
> >
> > [n3150 ~]# cat /etc/systemd/network/enp2s0.network
> > [Match]
> > Name=enp2s0
> >
> > [Link]
> > ActivationPolicy=Manual
> >
> > [Network]
> > Description=The unconfigured physical ethernet device
> >
> > # In case of 'tagged only' setups, you probably don't need any IP
> > # configuration on the link without VLAN (or: default VLAN).
> > # For that just omit an [Address] section and disable all the
> > # autoconfiguration magic like this:
> > LinkLocalAddressing=no
> > LLDP=no
> > EmitLLDP=no
> > IPv6AcceptRA=no
> > IPv6SendRA=no
> >
> >
> > ;these are arbitrary names, but must match the *.netdev and *.network
> > files
> > VLAN=enp2s0.1
> > VLAN=enp2s0.2
> > VLAN=enp2s0.7
> >
> > [DHCPv4]
> > UseDNS=false
> > [n3150 ~]#
> >
> > The VLAN config is simple, e.g.
> >
> > n3150% cat /etc/systemd/network/enp2s0.2.netdev
> > [NetDev]
> > Name=enp2s0.2
> > Kind=vlan
> >
> > [VLAN]
> > Id=2%
> > n3150% cat /etc/systemd/network/enp2s0.2.network
> > [Match]
> > Name=enp2s0.2
> >
> > [Network]
> > DHCP=yes
> > Hostname=n3150-wlan
> >
> >
> > n3150%
> >
> >
> >
> > The resulting routes:
> >
> > n3150% ip route
> > default via 192.168.0.1 dev enp2s0.1 proto dhcp src 192.168.0.206 metric
> > 1024 default via 192.168.2.1 dev enp2s0.2 proto dhcp src 192.168.2.206
> > metric 1024 default via 192.168.7.1 dev enp2s0.7 proto dhcp src
> > 192.168.7.206 metric 1024 default via 192.168.0.1 dev enp2s0 proto dhcp
> > metric 20100
> > 192.168.0.0/24 dev enp2s0 proto kernel scope link src 192.168.0.206 metric
> > 100 192.168.0.0/24 dev enp2s0.1 proto kernel scope link src 192.168.0.206
> > metric 1024
> > 192.168.0.1 dev enp2s0.1 proto dhcp scope link src 192.168.0.206 metric
> > 1024 192.168.2.0/24 dev enp2s0.2 proto kernel scope link src
> > 192.168.2.206 metric 1024
> > 192.168.2.1 dev enp2s0.2 proto dhcp scope link src 192.168.2.206 metric
> > 1024 192.168.7.0/24 dev enp2s0.7 proto kernel scope link src
> > 192.168.7.206 metric 1024
> > 192.168.7.1 dev enp2s0.7 proto dhcp scope link src 192.168.7.206 metric
> > 1024 n3150%
> >
> > Unfortunately, the 192.168.0.* network is not reachable without explicitly
> > deleting the routes for enp2s0:
> >
> > [n3150 ~]# ping 192.168.0.30
> > PING 192.168.0.30 (192.168.0.30) 56(84) Bytes an Daten.
> > ^C
> > --- 192.168.0.30 ping-Statistik ---
> > 2 Pakete übertragen, 0 empfangen, 100% packet loss, time 1016ms
> >
> > [n3150 ~]# ip route del default via 192.168.0.1 dev enp2s0 proto dhcp
> > metric 20100
> > [n3150 ~]# ip route del 192.168.0.0/24 dev enp2s0 proto kernel scope link
> > src 192.168.0.206 metric 100
> > [n3150 ~]# ping 192.168.0.30
> > PING 192.168.0.30 (192.168.0.30) 56(84) Bytes an Daten.
> > 64 Bytes von 192.168.0.30: icmp_seq=1 ttl=64 Zeit=0.699 ms
> > 64 Bytes von 192.168.0.30: icmp_seq=2 ttl=64 Zeit=0.287 ms
> > ^C
> > --- 192.168.0.30 ping-Statistik ---
> > 2 Pakete übertragen, 2 empfangen, 0% packet loss, time 1010ms
> > rtt min/avg/max/mdev = 0.287/0.493/0.699/0.206 ms
> > [n3150 ~]#
> >
> > Can anybody tell how I can avoid the routes for enp2s0 get configured?
> >
> > Thanks
> > Rainer
>
> --
> Thore "foxxx0" Bödecker
>
> GPG ID: 0xEB763B4E9DB887A6
> GPG FP: 051E AD6A 6155 389D 69DA 02E5 EB76 3B4E 9DB8 87A6
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20220122/6f2b96fb/attachment.sig>
More information about the arch-general
mailing list