Xen and VLANs

Nothing you can't find elsewhere on the Internet in this post, just taking some notes.

This is for Debian Lenny (Xen 3.3). The idea is to connect eth0 to a switch that supports VLANs. The native VLAN is used, along with other VLANs.

  • Install the Debian "vlan" package.
    modprobe 8021q and/or add 8021q to /etc/modules.
  • Configure the native VLAN as usual (it's eth0 in /etc/networks/interfaces, later rewritten to peth0 by /etc/xen/scripts/network-bridge, while the "(v)eth0" inside Dom0 is connected back-to-back to vif0.0, which is added to the "eth0" bridge, formerly xenbr0).
  • For additional VLANs, here is an example:
    # VLAN 4 (private)
    auto vlan4
    iface vlan4 inet manual
      bridge_fd 0
      bridge_maxwait 0
      bridge_helo 0
      bridge_stp off
      # Connect (p)eth0.4 to the VLAN
      bridge_ports eth0.4
      # Show this system on the VLAN
      up /sbin/ifconfig vlan4 192.168.1.201/24
    
    The up /sbin/ifconfig ... is optional if the VLAN does not need to appear on Dom0.
  • Use network-bridge as usual in xend-config.sxp.
    Note that although eth0 is renamed to peth0, the VLAN subinterfaces (eth0.4, etc.) keep their original names (but "ip link" shows them as "eth0.4@peth0", for example, so really they are "peth0.4", etc.). Whatever the name, they remain connected to the bridge, which allows traffic to flow back and forth between the switch and the server.
  • Finally, use a specification like this one for the interface(s) on DomU domains:
    vif = [ 'mac=00:23:78:5C:41:A2, ip=192.168.1.202, 
             vifname=server-private, bridge=vlan4' ]
    
    Multiple VIFs can be added; one VIF per VLAN that needs to be connected. This can be used for private or public VLANs alike.

Update: You must have an IP address specified for your eth0 interface. I lost a couple servers during their installation phase that way.

posted: 2009-09-07 06:05

Written on September 7, 2009