Add a new directory linux-bridge-vlan with examples files showing
how to configure systemd-networkd to support a bridge VLAN
configuration.
Signed-off-by: Leigh Brown <leigh@solinno.co.uk>
---
tools/examples/linux-bridge-vlan/README | 68 +++++++++++++++++++
tools/examples/linux-bridge-vlan/br0.netdev | 7 ++
tools/examples/linux-bridge-vlan/br0.network | 8 +++
.../examples/linux-bridge-vlan/enp0s0.network | 16 +++++
4 files changed, 99 insertions(+)
create mode 100644 tools/examples/linux-bridge-vlan/README
create mode 100644 tools/examples/linux-bridge-vlan/br0.netdev
create mode 100644 tools/examples/linux-bridge-vlan/br0.network
create mode 100644 tools/examples/linux-bridge-vlan/enp0s0.network
diff --git a/tools/examples/linux-bridge-vlan/README b/tools/examples/linux-bridge-vlan/README
new file mode 100644
index 0000000000..83b9fa3fd6
--- /dev/null
+++ b/tools/examples/linux-bridge-vlan/README
@@ -0,0 +1,68 @@
+Linux Xen Dom0 single bridge multiple VLAN configuration with systemd
+=====================================================================
+
+Introduction
+------------
+
+This directory contains example files to be placed in /etc/systemd/network
+to enable a single bridge with multiple VLAN support.
+
+The example is to support the scenario where the Xen host network interface
+is connected to an Ethernet switch configured as a trunk port. Each domain
+VIF can then be configured with one or more VLAN IDs, one of which will be
+the PVID.
+
+The example files create a bridge device called br0, with a physical interface
+called enp0s0. You will need to update this with your system's device name.
+
+Key points of the configuration are:
+
+1. In br0.netdev, VLANFiltering=on is set. This is required to ensure the
+ VLAN tags are handled correctly. If it is not set then the packets
+ from the VIF interfaces will not have the correct VLAN tags set.
+
+2. In br0.network, a system IPv4 address is configured that can be updated
+ according to your local network settings.
+
+3. In enp0s0.network, Bridge=br0 sets the bridge device to connect to. There
+ is also a [BridgeVLAN] section for each VLAN you want to give access
+ to the switch. Note, if you want to create an internal VLAN private to
+ the host, do not include its VLAN ID in this file.
+
+
+Domain configuration
+--------------------
+
+Add the vlan= keyword to the vif definition in the domain. The simplest
+and most common example is a domain that wishes to connect to a single VLAN:
+
+vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10' ]
+
+If you wish to configure a domain to route between two VLANs, you have two
+options. Option 1 is to create multiple interfaces on different VLANs:
+
+vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10',
+ 'max=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=20' ]
+
+Alternatively, you can create single interface:
+
+vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10p/20' ]
+
+In the domain, you would, for example, use enX0 for VLAN 10 and enX0.20 for
+VLAN 20.
+
+
+Hints and tips
+--------------
+
+You can run the following commands on dom0 or a driver domain:
+
+1. To check if vlan_filtering is enabled:
+ # cat /sys/devices/virtual/net/<name>/bridge/vlan_filtering
+
+2. To check the bridge port VLAN assignments:
+ # bridge vlan
+
+3. To check the vlan setting in the xenstore (dom0 only):
+ # xenstore-ls -f | grep 'vlan ='
+
diff --git a/tools/examples/linux-bridge-vlan/br0.netdev b/tools/examples/linux-bridge-vlan/br0.netdev
new file mode 100644
index 0000000000..ae1fe487c3
--- /dev/null
+++ b/tools/examples/linux-bridge-vlan/br0.netdev
@@ -0,0 +1,7 @@
+[NetDev]
+Name=br0
+Kind=bridge
+MACAddress=xx:xx:xx:xx:xx:xx
+
+[Bridge]
+VLANFiltering=on
diff --git a/tools/examples/linux-bridge-vlan/br0.network b/tools/examples/linux-bridge-vlan/br0.network
new file mode 100644
index 0000000000..b56203b66a
--- /dev/null
+++ b/tools/examples/linux-bridge-vlan/br0.network
@@ -0,0 +1,8 @@
+[Match]
+Name=br0
+
+[Network]
+DNS=8.8.8.8
+#Domains=example.com
+Address=10.1.1.10/24
+Gateway=10.1.1.1
diff --git a/tools/examples/linux-bridge-vlan/enp0s0.network b/tools/examples/linux-bridge-vlan/enp0s0.network
new file mode 100644
index 0000000000..6ee3154dfc
--- /dev/null
+++ b/tools/examples/linux-bridge-vlan/enp0s0.network
@@ -0,0 +1,16 @@
+[Match]
+Name=enp0s0
+
+[Network]
+Bridge=br0
+
+# If Jumbo frames are required
+#[Link]
+#MTUBytes=9000
+
+[BridgeVLAN]
+VLAN=10
+
+[BridgeVLAN]
+VLAN=20
+
--
2.39.2On Wed, May 8, 2024 at 6:08 PM Leigh Brown <leigh@solinno.co.uk> wrote:> > Add a new directory linux-bridge-vlan with examples files showing > how to configure systemd-networkd to support a bridge VLAN > configuration. > > Signed-off-by: Leigh Brown <leigh@solinno.co.uk> > --- > tools/examples/linux-bridge-vlan/README | 68 +++++++++++++++++++ > tools/examples/linux-bridge-vlan/br0.netdev | 7 ++ > tools/examples/linux-bridge-vlan/br0.network | 8 +++ > .../examples/linux-bridge-vlan/enp0s0.network | 16 +++++ > 4 files changed, 99 insertions(+) > create mode 100644 tools/examples/linux-bridge-vlan/README > create mode 100644 tools/examples/linux-bridge-vlan/br0.netdev > create mode 100644 tools/examples/linux-bridge-vlan/br0.network > create mode 100644 tools/examples/linux-bridge-vlan/enp0s0.network I think putting these in docs/misc/linux-bridge-vlan/ might be a better location. > diff --git a/tools/examples/linux-bridge-vlan/README b/tools/examples/linux-bridge-vlan/README > new file mode 100644 > index 0000000000..83b9fa3fd6 > --- /dev/null > +++ b/tools/examples/linux-bridge-vlan/README > @@ -0,0 +1,68 @@ > +Linux Xen Dom0 single bridge multiple VLAN configuration with systemd > +===================================================================== > + > +Introduction > +------------ > + > +This directory contains example files to be placed in /etc/systemd/network > +to enable a single bridge with multiple VLAN support. > + > +The example is to support the scenario where the Xen host network interface > +is connected to an Ethernet switch configured as a trunk port. Each domain > +VIF can then be configured with one or more VLAN IDs, one of which will be > +the PVID. > + > +The example files create a bridge device called br0, with a physical interface > +called enp0s0. You will need to update this with your system's device name. > + > +Key points of the configuration are: > + > +1. In br0.netdev, VLANFiltering=on is set. This is required to ensure the > + VLAN tags are handled correctly. If it is not set then the packets > + from the VIF interfaces will not have the correct VLAN tags set. > + > +2. In br0.network, a system IPv4 address is configured that can be updated > + according to your local network settings. > + > +3. In enp0s0.network, Bridge=br0 sets the bridge device to connect to. There > + is also a [BridgeVLAN] section for each VLAN you want to give access > + to the switch. Note, if you want to create an internal VLAN private to For "for each VLAN you want to give access to the switch" do you mean: "for each VLAN you want connected with the external network" or "for each VLAN you want accessible on the external network" ? The "access to the switch" part I find unclear. > + the host, do not include its VLAN ID in this file. > +Domain configuration > +-------------------- > + > +Add the vlan= keyword to the vif definition in the domain. The simplest > +and most common example is a domain that wishes to connect to a single VLAN: > + > +vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10' ] > + > +If you wish to configure a domain to route between two VLANs, you have two > +options. Option 1 is to create multiple interfaces on different VLANs: > + > +vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10', > + 'max=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=20' ] Hard tab here makes the diff look off, but the file would be aligned. I think this is good content. I'm not familiar with the systemd networking stuff to give an R-b. But it's only examples, so I think it should be okay. I'm not a maintainer, but it would be an Acked-by, if I were. Regards, Jason
Hi Jason, On 2024-05-15 01:58, Jason Andryuk wrote: > On Wed, May 8, 2024 at 6:08 PM Leigh Brown <leigh@solinno.co.uk> > wrote:> >> Add a new directory linux-bridge-vlan with examples files showing >> how to configure systemd-networkd to support a bridge VLAN >> configuration. >> >> Signed-off-by: Leigh Brown <leigh@solinno.co.uk> >> --- >> tools/examples/linux-bridge-vlan/README | 68 >> +++++++++++++++++++ >> tools/examples/linux-bridge-vlan/br0.netdev | 7 ++ >> tools/examples/linux-bridge-vlan/br0.network | 8 +++ >> .../examples/linux-bridge-vlan/enp0s0.network | 16 +++++ >> 4 files changed, 99 insertions(+) >> create mode 100644 tools/examples/linux-bridge-vlan/README >> create mode 100644 tools/examples/linux-bridge-vlan/br0.netdev >> create mode 100644 tools/examples/linux-bridge-vlan/br0.network >> create mode 100644 tools/examples/linux-bridge-vlan/enp0s0.network > > I think putting these in docs/misc/linux-bridge-vlan/ might be a > better location. No problem, will move. >> diff --git a/tools/examples/linux-bridge-vlan/README >> b/tools/examples/linux-bridge-vlan/README >> new file mode 100644 >> index 0000000000..83b9fa3fd6 >> --- /dev/null >> +++ b/tools/examples/linux-bridge-vlan/README >> @@ -0,0 +1,68 @@ >> +Linux Xen Dom0 single bridge multiple VLAN configuration with systemd >> +===================================================================== >> + >> +Introduction >> +------------ >> + >> +This directory contains example files to be placed in >> /etc/systemd/network >> +to enable a single bridge with multiple VLAN support. >> + >> +The example is to support the scenario where the Xen host network >> interface >> +is connected to an Ethernet switch configured as a trunk port. Each >> domain >> +VIF can then be configured with one or more VLAN IDs, one of which >> will be >> +the PVID. >> + >> +The example files create a bridge device called br0, with a physical >> interface >> +called enp0s0. You will need to update this with your system's device >> name. >> + >> +Key points of the configuration are: >> + >> +1. In br0.netdev, VLANFiltering=on is set. This is required to ensure >> the >> + VLAN tags are handled correctly. If it is not set then the >> packets >> + from the VIF interfaces will not have the correct VLAN tags set. >> + >> +2. In br0.network, a system IPv4 address is configured that can be >> updated >> + according to your local network settings. >> + >> +3. In enp0s0.network, Bridge=br0 sets the bridge device to connect >> to. There >> + is also a [BridgeVLAN] section for each VLAN you want to give >> access >> + to the switch. Note, if you want to create an internal VLAN >> private to > > For > "for each VLAN you want to give access to the switch" > do you mean: > "for each VLAN you want connected with the external network" > or > "for each VLAN you want accessible on the external network" > ? > The "access to the switch" part I find unclear. > On re-reading it is not as clear as I'd hope - I will adjust. >> + the host, do not include its VLAN ID in this file. > > >> +Domain configuration >> +-------------------- >> + >> +Add the vlan= keyword to the vif definition in the domain. The >> simplest >> +and most common example is a domain that wishes to connect to a >> single VLAN: >> + >> +vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10' ] >> + >> +If you wish to configure a domain to route between two VLANs, you >> have two >> +options. Option 1 is to create multiple interfaces on different >> VLANs: >> + >> +vif = [ 'mac=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=10', >> + 'max=xx:xx:xx:xx:xx:xx, bridge=br0, vlan=20' ] > > Hard tab here makes the diff look off, but the file would be aligned. Will fix up so all the indents are spaced, to be consistent. > I think this is good content. I'm not familiar with the systemd > networking stuff to give an R-b. But it's only examples, so I think > it should be okay. I'm not a maintainer, but it would be an Acked-by, > if I were. > > Regards, > Jason Regards, Leigh.
© 2016 - 2024 Red Hat, Inc.