Page 1 of 1

SOLVED - Setting up VLANs over team

Posted: 2019/08/21 17:36:55
by teleute
I'm trying to install OpenStack on a server to play with, so trying to start with a base CentOS 7 install. I have two network interfaces up, which are connected to a Nexus switch, where the ports are trunked (LACP). So on the CentOS installation I'm attempting to both team the interfaces and tag the traffic with just a single VLAN to start.

I should also note that NetworkManager is disabled, at the insistence of basically every OpenStack walkthrough I've seen.

On each of the interfaces, I modified the ifcfg files:
NAME=<int name>
UUID=<int id>
DEVICE=<dev name>
# those lines above, I didn't change
ONBOOT=yes
DEVICETYPE=TeamPort
TEAM_MASTER=team0
TEAM_PORT_CONFIG='{"prio":9}'

I then created ifcfg-team0, which looks like this:
DEVICE=team0
NAME=team0
DEVICETYPE=Team
TEAM_CONFIG='{"runner":{"name": "lacp"}}'
ONBOOT=yes
BOOTPROTO=none

Finally, I created ifcfg-team0.10:
DEVICE=team0.10
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.1.75
PREFIX=28
NETWORK=192.168.1.64
GATEWAY=192.168.1.65
VLAN=yes

This gateway is configured on the switch, and is pingable from elsewhere. I've restarted the network service numerous times. I can ping the IP address I gave the box, but nothing else, including the gateway IP.

I've never tried this before, so I'm sure I'm missing something small and dumb, but I just can't find it. Any suggestions? Thank you!

The team looks good - when I view the output of teamdctl team0 state with both links up, one down, etc... everything looks as expected.

Re: Setting up VLANs over team

Posted: 2019/08/21 19:12:26
by aks
Ignoring teamd for the moment.

Are you trying to tag on the interface? Why? Crazy - it's a network thing - do it one the network.

Anyway if you are - the interface "appear" as <IFNAME>.<TAG> - well at least traditionally (may have changed, not done this for a long time).

And then you aggregate those interfaces.

Seems wrong - to much state on the machine - push that state to the network and make it the responsibility of the network, will save you much cr*p.

One of k8s (of which red shift is a "member") issues really is "the network is flat, we don't care about the network. I can get everywhere from anywhere" - completely ignoring over 30 years of network (NAT was an early 90s thing, right?) jiggery-pokery and that's why all these overlays have become so critical .... and complex.

Also I don't know what you *really* trying to get to. If you're just playing then surely the thing is to get out of the VLAN game?

Re: Setting up VLANs over team

Posted: 2019/08/21 19:12:56
by aks
Also look at Calico if you want to limit what goes where in k8s.

Re: Setting up VLANs over team

Posted: 2019/08/21 19:50:37
by teleute
This is a bare metal install that will then have OpenStack on it, not Kubernetes. I need multiple VLANs within OpenStack for what I'm trying to test, and also the network I'm connecting to (that I don't have control over) requires tagging due to setup that is again outside of my control. So I don't know any way to make this work without tagging on the interface.

Re: Setting up VLANs over team

Posted: 2019/08/21 20:57:23
by teleute
ARGH - I knew it was something small and stupid. I misread what VLAN number went with this network. Put the right VLAN number and it's fine... :facepalm: