Xen Networking with VLAN

When deploying virtual machines in network environments that are setup with several VLANs, it may be a good idea to provide the virtual Host with the necessary tagged VLANs. It is possible to untag the respective vlans in the controlling domain and setup bridges that only access a single VLAN.

For example, you may want to have a setup like this:

bond -> vlan -> bridge -> guest

All of the configurations are done in files below /etc/sysconfig/network.

  1. Setup a bond over the interfaces eth0 and eth1 in “ifcfg-bond0”:
    BONDING_MASTER=’yes’
    BONDING_MODULE_OPTS=’mode=active-backup miimon=100′
    BONDING_SLAVE0=’eth0′
    BONDING_SLAVE1=’eth1′
    BOOTPROTO=’none’
    STARTMODE=’auto’
  2. Configure the VLANs. You will need to know the exact number, for vlan2 the file would be named “ifcfg-vlan2”:
    ETHERDEVICE=’bond0′
    STARTMODE=’onboot’
  3. Setup a bridge on the vlan with a reasonable name. E.g. to call a bridge “management”, use the file “ifcfg-management”. Note, that you the IPADDR is only needed if you want to access the virtualization host over this IP:
    BOOTPROTO=’static’
    BRIDGE=’yes’
    BRIDGE_FORWARDDELAY=’0′
    BRIDGE_PORTS=’vlan2′
    BRIDGE_STP=’off’
    IPADDR=’192.168.1.1/24′
    STARTMODE=’auto’

When using multiple VLANs, the VLAN configuration and bridge setup must be done for each of the respective VLANs.

If you want to setup dedicated networks just for group of virtual guests, it is also possible to add an extra bridge for each of these groups. You can even extend that bridge over several virtual hosts by using a dedicated vlan.

Advertisements
This entry was posted in Networking, openSUSE, Xen. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s