Vlans on bond ubuntu 1804

vot4anto · June 17, 2020, 9:31pm

I’m in trouble with network configuration.
Ubuntu 1804 as host and netplan configuration is the follow:

  version: 2
  renderer: networkd
  ethernets:
    eth0:
      addresses:
        - 172.16.12.209/24
      gateway4: 172.16.12.10
      nameservers:
          search: [name.company]]
          addresses: [172.16.12.218, 172.16.12.208]
  bridges:
    br0:
      addresses:
        - 172.16.12.55/24
      gateway4: 172.16.12.10
      nameservers:
          search: [name.company]
          addresses: [172.16.12.218, 172.16.12.208]
      interfaces:
        - bond0
  bonds:
    bond0:
      dhcp4: no
      interfaces:
        - eth3
        - eth2
          parameters:
              mode: active-backup
              primary: eth3
  ethernets:
    eth2:
      addresses: []
      dhcp4: false
      dhcp6: false
    eth3:
      addresses: []
      dhcp4: false
      dhcp6: false

  bridges:
    br10:
      dhcp4: no
      interfaces:
        - vlan10
  bridges:
    br310:
      dhcp4: no
      interfaces:
        - vlan310
  vlans:
    vlan10:
      id: 10 
      link: bond0
    vlan310:
      id: 310 
      link: bond0

lxc network list
+---------+----------+---------+-------------+---------+
|  NAME   |   TYPE   | MANAGED | DESCRIPTION | USED BY |
+---------+----------+---------+-------------+---------+
| bond0   | bond     | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| br0     | bridge   | NO      |             | 1       |
+---------+----------+---------+-------------+---------+
| br10    | bridge   | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| br310   | bridge   | NO      |             | 2     |
+---------+----------+---------+-------------+---------+
| eth0    | physical | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| eth1    | physical | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| eth2    | physical | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| eth3    | physical | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| idrac   | physical | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| vlan10  | vlan     | NO      |             | 0       |
+---------+----------+---------+-------------+---------+
| vlan310 | vlan     | NO      |             | 0       |
+---------+----------+---------+-------------+---------+

And I attach the eth0 of ubuntu and centos container to br310, I have a dhcp server configured on vlan310 but I don’t have IP address on either of the container.
If I do a tcpdump I can see on bond0 and also on br0:

 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:16:3e:49:bc:38, length 276

where the mac address listed is the one of the centos8 container and similar behavior for the ubuntu container. Also if I setup a static IP on those interfaces don’t work and I can’t ping the default gateway.

Also do the follow:

lxc network attach vlan310 centos8
Error: Failed to start device "vlan310": Failed to run: ip link add dev mac7b45ee8b link vlan310 type macvlan mode bridge: RTNETLINK answers: Device or resource busy

Thanks for any suggestion

tomp · June 18, 2020, 8:42am

What worries me about your setup here is that you have 3 interfaces using bond0.

First, you have bridge br0 which is attaching bond0 into it.
Secondly, you have vlans 10 and 310 using bond0 directly.

I’ve never tried such a setup, but generally speaking you shouldn’t use an interface for anything else once it has been attached to a bridge. This is because when an interface is attached to a bridge, the packets coming into the interface are intercepted and moved onto the bridge.

What version of LXD are you using, as it would seem that the recent support for using VLAN filtering in bridges would be well suited to your situation (and avoid the need for using macvlan).

vot4anto · June 18, 2020, 9:06am

It works!!!

The errors is on the Dell switch configuration and the uncorret tag for the VLAN and not host side.
I setup this configuration follow an example to implement bond and brigde with netplan:
https://www.aptgetlife.co.uk/setting-up-a-bond-and-bridge-in-netplan-on-ubuntu-18-04/

and after configure vlan to use that configuration

vot4anto · June 18, 2020, 9:09am

But, please can you share me how do you think to implement ?
I don’t understan how you configure the vlan

tomp · June 18, 2020, 9:30am

Ah thats good to know. The VLAN interception must occur before the bridge path.

For example you shouldn’t add an IP address to bond0 interface as that won’t work.

The VLAN filtering feature is described here: Weekly status #151

Basically you wouldn’t use macvlan NICs, but instead use only bridged NICs and have your br0 bridge behave like your Dell switch does and pass certain VLANs to certain ports (either tagged or untagged).

Here’s an example:

ip link add name br0 type bridge # Create bridge
echo 1 > /sys/class/net/br0/bridge/vlan_filtering # Enable VLAN filtering on bridge
ip link set dev bond0 master br0 # Add bond0 to it
bridge vlan add dev bond0 vid 10 # Add bond0 as a tagged member of VLAN 10
bridge vlan add dev bond0 vid 11 # Add bond0 as a tagged member of VLAN 11

bridge vlan show
port	vlan ids
bond0	 1 PVID Egress Untagged
	 10
	 11

Now in LXD you can create an instance with a bridged NIC and specify which VLAN it belongs to:

lxc init images:ubuntu/focal c1
lxc config device add c1 eth0 nic nictype=bridged parent=br0 vlan=10

This will join it to the bridge, and set the untagged VLAN membership to VLAN 10.

I’m not sure if netplan supports setting up br0 in that way yet though, so using networkd or a manual systemd unit may be needed.