Hejmo
Contributor

How to configure working VLAN

After 2 days trying to do this myself, I need help.

Hardware

  • Small Xeon Server with 2 NICs, eth0 and eth1
  • eth0 would be for management
  • eth1 would be for communication with other devices and WEB access
    • connected to router.  Tagged

Network

  • pfSense with a few VLANs
    • VLAN=10 for IOT
    • VLAN=40 for SURVEIL
    • VLAN=115 for GUESTs on Wifi (not useful here but works fine on OpenWRT)

This network is working well in TrueNAS, where management is over en0 and tagged VLANs enter through en1.
This network (VLAN10 and VLAN115) is working well on my OpenWRT WiFi access point (dumb switch).

The goal
I want to keep TrueNAS solely for serving files and move all the jails and the one VM on to Photon/Docker.

Since some of the clients are either on VLAN10 (Android Apps) or VLAN40 and will only detect their related servers if they are on the same subnets, I want to have eth1 getting Tagged data from VLAN10 and VLAN40 and "connect" the VLANs to appropriate containers.

Here is what I have done so far:

/etc/systemd/network/99-eth0.network
[Match]
Name=eth0

[Network]
DHCP=ipv4
IPv6AcceptRA=no


/etc/systemd/network/99-eth1.network
[Match]
Name=eth1

[Network]
DHCP=no
VLAN=eth1.10
VLAN=eth1.40


/etc/systemd/network/10-eth1.10.netdev
[NetDev]
Name=eth1.10
Kind=vlan

[VLAN]
Id=10


/etc/systemd/network/10-eth1.10.network
[Match]
Name=eth1.10

[LINK]
MACAddress=95:73:ce:f7:56:fe            #random MAC different from eth1 MAC

[Network]
Description=Interface pour vlan 10 IOT
DHCP=ipv4
IPv6AcceptRA=no


/etc/systemd/network/10-eth1.40.netdev
[NetDev]
Name=eth1.40
Kind=vlan

[VLAN]
Id=40


/etc/systemd/network/10-eth1.40.network
[Match]
Name=eth1.40
Type=vlan

[LINK]
MACAddress=7b:be:b1:d6:37:66            #Another random MAC

[Network]
Description=Interface pour vlan 40 surveil
DHCP=ipv4

Now, when I do this, here is the result even after reboot:

eth1      Link encap:Ethernet  HWaddr xx:xx:xx:xx:c5:4d          #I masked this
          inet6 addr: fe80::21e:67ff:fea4:c54d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:696 errors:0 dropped:0 overruns:0 frame:0
          TX packets:240 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:277851 (277.8 KB)  TX bytes:20601 (20.6 KB)
          Memory:b1100000-b117ffff

eth1.10   Link encap:Ethernet  HWaddr xx:xx:xx:xx:c5:4d             # The MAC in
                                                                    # the .network file has not been kept
                                                                    # and so it's the same MAC as the
                                                                    # NIC
          inet addr:10.0.10.226  Bcast:10.0.10.255  Mask:255.255.255.0
          inet6 addr: fe80::21e:67ff:fea4:c54d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:271 errors:0 dropped:0 overruns:0 frame:0
          TX packets:193 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:246072 (246.0 KB)  TX bytes:16261 (16.2 KB)

eth1.40   Link encap:Ethernet  HWaddr xx:xx:xx:xx:xx:xx             # The MAC in
                                                                    # the .network file has not been kept
                                                                    # and so it's the same MAC as the
                                                                    # NIC
          inet addr:10.0.40.16  Bcast:10.0.40.255  Mask:255.255.255.0
          inet6 addr: fe80::21e:67ff:fea4:c54d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:290 errors:0 dropped:0 overruns:0 frame:0
          TX packets:32 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:14002 (14.0 KB)  TX bytes:3194 (3.1 KB)

The stack of this seems different from how it's working in TrueNAS (FreeBSD) or my OpenWRT (not systemd/networkd).

Any help would be gladly appreciated.

0 Kudos
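
A lint pass over the 10-eth1.10.network file posted above, as an added example that is not part of the original post or of Photon OS. It assumes systemd's documented syntax (case-sensitive section names, comments only on their own line) and the Ethernet rule that an interface address must be unicast; `KNOWN`, `check_mac` and `lint` are hypothetical names, and `KNOWN` is only a subset of networkd's sections.

```python
import re

# Assumed subset of section names valid in .network/.netdev files; extend as needed.
KNOWN = {"Match", "Link", "Network", "Address", "Route", "DHCP", "DHCPv4", "DHCPv6", "NetDev", "VLAN"}
MAC_RE = re.compile(r"[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}")

def check_mac(mac):
    """Problems with a MAC meant for a virtual interface (empty list = fine)."""
    if not MAC_RE.fullmatch(mac):
        return ["not six colon-separated hex octets"]
    first, problems = int(mac[:2], 16), []
    if first & 0x01:   # I/G bit: odd first octet means multicast
        problems.append("multicast bit set, cannot be an interface address")
    if not first & 0x02:   # U/L bit: clear means vendor-assigned space
        problems.append("locally-administered bit clear, may clash with a vendor MAC")
    return problems

def lint(text):
    """Return (line_number, message) findings for one networkd file."""
    out = []
    for num, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # systemd syntax only has whole-line comments
        if line.startswith("[") and line.endswith("]"):
            name = line[1:-1]
            if name not in KNOWN:
                hint = next((k for k in KNOWN if k.lower() == name.lower()), None)
                out.append((num, f"unknown section [{name}]" + (f", did you mean [{hint}]?" if hint else "")))
            continue
        key, _, value = line.partition("=")
        value = value.strip()
        if "#" in value:
            out.append((num, "'#' in value: no inline comments, it is part of the value"))
            value = value.split("#", 1)[0].strip()
        if key.strip() == "MACAddress":
            out += [(num, f"MACAddress {value}: {p}") for p in check_mac(value)]
    return out

# Trimmed from the 10-eth1.10.network posted above.
SAMPLE = """[Match]
Name=eth1.10
[LINK]
MACAddress=95:73:ce:f7:56:fe            #random MAC
[Network]
DHCP=ipv4
"""
for num, msg in lint(SAMPLE):
    print(f"line {num}: {msg}")
```

On the posted file it flags the `[LINK]` header, the trailing comment, and the multicast bit in `95:73:ce:f7:56:fe`; a value such as `02:00:00:00:00:10` (constructed here) passes all three checks under a `[Link]` header.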
1 Reply
Hejmo
Contributor

I was reading Docker's documentation.

My goal is to allow an IOT DLNA client (on VLAN10) to access a DLNA server housed in a Docker container on VLAN10.

Is it possible, pertaining to my original post, that I have taken this the wrong way and instead of trying to set my devices in Photon I should rather have been using Docker's "macvlan" for the container?

If yes, does it mean that this configuration would be enough?

/etc/systemd/network/99-eth0.network
[Match]
Name=eth0

[Network]
DHCP=ipv4
IPv6AcceptRA=no


/etc/systemd/network/99-eth1.network
[Match]
Name=eth1

[Network]
DHCP=no

Is this enough to bridge the tagged VLANs to Docker?

0 Kudos