The server I’m using for my LinuxMCE setup has the 1 NIC so I’ve been using eth0 and eth0:1 (eth0:1 is a virtual interface for eth0) for internal and external. It works fine, although not ideal to have 2 broadcast domains running on the switch ports. By using Vlans I can designate the devices that have access to which interface. This gives a closer configuration to having 2 cards without the need for an additional NIC.
Considerations
I read that not all NIC drivers support Vlan tagging. The one I used: Broadcom Corporation NetXtreme BCM5723 Gigabit Ethernet PCIe (rev 10).To support Vlans you need to be using atleast 1 managed switch, the switches I’m using are Cisco 2960-24-TTL’s. This post was also written using LinuxMCE 10.04 and the Vlans I’m using are 2 and 3. Cisco’s use Vlan 1 as their default.
Setup Server
Install vlan support and the 802.1q module:
apt-get install vlanmodprobe 8021q#Make sure it loads on start up. echo “8021q” >> /etc/modules
Vlan tagged interfaces are formatted: <physical interface and #>.<vlan #> For example mine is eth0.3 and eth0.2 – So now eth0 will have 2 vlans running through it, Vlan2 and Vlan3
Change /etc/network/interfaces:# — External NIC —iface eth0.2 inet static
address 192.168.1.100
netmask 255.255.255.0
gateway 192.168.1.254
pre-up sysctl -q -e -w net.ipv6.conf.eth0.2.disable_ipv6=1# — Internal NIC —
iface eth0.3 inet static
address 192.168.80.1
netmask 255.255.255.0
pre-up sysctl -q -e -w net.ipv6.conf.eth0.3.disable_ipv6=1
LinuxMCE gets it configuration from the MySQL database, if you follow this guide but change the info; Eg: mine is now:
“eth0.2,192.168.1.100,255.255.255.0,192.168.1.254,192.168.1.254,192.168.80.1|eth0.3,192.168.80.1,255.255.255.0″
Configure The switch
Use a Cisco serial cable to login to the switch, goto Enable mode, bring up the configuration terminal and make the port the server connects to a trunk, then make the changes to the rest of the ports as required.
!—Enable mode— en !—Configuration terminal— conf t ! !—Example of my setup— ! !– Internal VLAN example— interface FastEthernet0/23
switchport access vlan 3
switchport mode access
spanning-tree portfast ! !— External VLAN example— interface FastEthernet0/24 description ADSL Modem
switchport access vlan 2
switchport mode access
spanning-tree portfast !
!— Trunked port for the server— interface GigabitEthernet0/1
description DCERouter
switchport trunk allowed vlan 2,3
switchport mode trunk
The port to the server has to have “switchport trunk allowed” in this example because the network card isn’t a real trunked port, it’s just sending multiple vlans to a single port.
When testing the onfiguration, I rebooted first to make sure the configuration held. When it comes back up, go to a shell on the server and do an ifconfig to confirm.
eth0.2 Link encap:Ethernet HWaddr e4:11:5b:13:8f:37
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::e611:5bff:fe13:8f37/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:995190 errors:0 dropped:0 overruns:0 frame:0
TX packets:879237 errors:0 dropped:34 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:633340851 (633.3 MB) TX bytes:172399036 (172.3 MB)eth0.3 Link encap:Ethernet HWaddr e4:11:5b:13:8f:37
inet addr:192.168.80.1 Bcast:192.168.80.255 Mask:255.255.255.0
inet6 addr: fe80::e611:5bff:fe13:8f37/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:17201901 errors:0 dropped:0 overruns:0 frame:0
TX packets:18293164 errors:0 dropped:71 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3353936761 (3.3 GB) TX bytes:1029976482 (1.0 GB)
The only other change I had to make was to the DHCP server, you need to add the base NIC interface:
cat /etc/default/dhcp3-server
INTERFACES=”eth0.3 eth0“
Another concern was, I have the MD’s all set to turn off at times when they wont be used; eg: 11:30PM to 16:40PM the next day (Sunday to Thursday). To turn them on I use WOL (wake on lan), I can confirm this still works fine.
Refeerences & Links
- http://wiki.linuxmce.org/index.php/Single_to_Double_NIC
- http://linuxmce.wordpress.com/2007/10/03/hack-5-howto-modify-network-configuration/
Cheers.