RHEL 802.1q / VLAN Tagging

From Brandonhutchinson.com

Revision as of 15:39, 21 March 2008 by Hutch (Talk | contribs)
Jump to: navigation, search



In this example on a RHEL 5 system, I take a bonded (mode 6, balance-alb) network interface and enable 802.1q, or "VLAN tagging." The bonded interface will be a member of two VLANs:

  • The "native VLAN" (in this example, VLAN 825). Frames for the native VLAN are not tagged, so no special configuration has to be performed for this VLAN. The bond0 interface is on the native VLAN with IP address and netmask
  • VLAN 1100 with IP address and netmask


Note: Once your network administrator enables 802.1q on the switch, your system may "fall off" the network if its network interface is not on the native VLAN (if applicable), as the host won't know how to handle VLAN-tagged frames until you perform the below steps.

Current boot environment

The following steps will enable 802.1q for your current session. The configuration will not be preserved across reboots.

  • Enable the 8021q kernel module.
# modprobe 8021q
  • Create a VLAN device on the bond0 interface for VLAN 1100.
# vconfig add bond0 1100
  • Configure the VLAN device.
# ifconfig bond0.1100 up

Preserving the changes across system boots

To preserve the 802.1 configuration changes across reboots, create appropriate /etc/sysconfig/network-scripts files.

e.g., /etc/sysconfig/network-scripts/ifcfg-bond0.1100


If you don't use a native VLAN

If you do not use a native VLAN, the configuration is a bit more complex. In this example, I'd have to:

  • Configure a bond0.825 interface.
  • Use GATEWAYDEV=bond0.825 in /etc/sysconfig/network so that the default route uses a tagged interface. I believe the default route would otherwise have used the untagged bond0 interface, which would cause problems communicating with other networks.
  • Potentially remove the network route through interface bond0. When bringing up bond0, which is a prerequisite to bringing up bond0.1100, the network route through device bond0 is created. When bringing up bond0.825, the network route through device bond0.825 is created. Having the same route with different devices appears to cause problems; I had to manually delete route through device bond0 to make this work.

Manually remove the network route 10.216.

  • I'd have to configure a bond0.825 interface.
  • I'd have to use GATEWAYDEV=bond0
Personal tools