Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to divide VLAN on Linux. It is very detailed and has certain reference value. Friends who are interested must finish reading it.

In some scenarios, we want to allocate multiple ip from different VLAN on the same network card on the Linux server (CentOS / RHEL). This can be achieved by enabling the VLAN tagging interface, but to achieve this, you must first ensure that multiple vlan are added to the switch.

Suppose we have a Linux server with two Ethernet cards (ens33 and ens38), the first network card (ens33) for data traffic and the second network card (ens38) for controlling / managing traffic. For data streams, multiple vlan will be used (multiple ip from different vlan will be allocated on the data stream Nic).

Suppose the port connected from the switch to the server data traffic Nic is configured as Trunk, by mapping multiple vlan to it. The following is the vlan mapped to the data traffic Nic:

VLAN ID (200), 172.168.10.0 Universe 24

VLAN ID (300), 172.168.20.0 Compact 24

Using the VLAN tagging interface on CentOS 7 / RHEL 7 / CentOS 8 / RHEL 8 systems, kernel module 8021q must be loaded.

Load the kernel module "8021q" using the following command

# list the modules first and find that there is no 8021q module. [root@localhost ~] # lsmod | grep-I 8021q # load module [root@localhost ~] # modprobe-- first-time 8021q [root@localhost ~] # lsmod | grep-I 8021q 8021q 33080 0 garp 14384 1 8021q mrp 18542 1 8021q

Use the modinfo command to list the information for 8021q:

[root@localhost ~] # modinfo 8021q

Now use the ip command to create vlan 200and vlan 300to ens33 network cards:

# create vlan 200and vlan 300 [root@localhost ~] # ip link add link ens33 name ens33.200 type vlan id 200 [root@localhost ~] # ip link add link ens33 name ens33.300 type vlan id 300

It is found that the link state of ens33.200 and ens33.300 is DOWN, and they are enabled below.

# enable vlan 200and vlan 300 [root@localhost ~] # ip link set ens33.200 up [root@localhost ~] # ip link set ens33.300 up

The following assigns ip addresses to the two vlan:

[root@localhost ~] # ip address add 172.168.10.51 dev ens33.200 24 dev ens33.200 [root@localhost ~] # ip address add 172.168.20.51 24 dev ens33.300

You can see that ens33.200 and ens33.300 have been configured with ip addresses.

But the VLAN and address added above using ip address will not be permanent. It no longer exists after rebooting the system. We need to save these configurations in the configuration file.

First modify the configuration file for ifcfg-ens33, and then create the ifcfg-ens33.200 and ifcfg-ens33.300 configuration files:

[root@localhost ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33 TYPE=Ethernet BOOTPROTO=none DEVICE=ens33 ONBOOT=yes

Next, create a configuration file for vlan 200and name it ifcfg-ens33.200

[root@localhost ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33.200 DEVICE=ens33.200 BOOTPROTO=none ONBOOT=yes IPADDR=172.168.10.51 PREFIX=24 NETWORK=172.168.10.0 VLAN=yes

Next, create a configuration file for vlan 300, named ifcfg-ens33.300

[root@localhost ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33.300 DEVICE=ens33.300 BOOTPROTO=none ONBOOT=yes IPADDR=172.168.20.51 PREFIX=24 NETWORK=172.168.20.0 VLAN=yes

After editing the configuration file, restart the network service.

[root@localhost ~] # systemctl restart network

You can see that none of vlan200300's messages have disappeared.

The above is all the contents of the article "how to divide VLAN on Linux". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.