Hi all,,
I have read it over and over but i just can't get my head around it....
http://pve.proxmox.com/wiki/Network_Model
Configuring VLAN in a cluster
For the simplest way to create VLAN follow the link: VLAN
Goal:
Suppose this scenario:
Create bond0
First of all we create the bond0 (switch assisted 802.3ad) at the proxmox web interface, follow the video.
At the end we have a /etc/network/interface like this:
# network interface settings
auto lo
iface lo inet loopback
iface eth0 inet manual
iface eth1 inet manual
auto bond0
iface bond0 inet manual
slaves eth0 eth1
bond_miimon 100
bond_mode 802.3ad
auto vmbr0
iface vmbr0 inet static
address 192.168.1.1
netmask 255.255.255.0
gateway 192.168.1.250
bridge_ports bond0
bridge_stp off
bridge_fd 0
Configure your switch appropriately. If you're using a bond of multiple links, you need to tell this to your switch and put the switch ports in a Link Aggregation Group or Trunk.
Create VLAN
We have two methods to follow:
First explicit method
auto vlan53
iface vlan53 inet manual
vlan_raw_device bond0
Second method
We can use direct the NIC dot VLAN ID, like bond0.53
I prefer the first one!
Create manually the bridge
Now we create manually the second bridge.
auto vmbr1
iface vmbr1 inet static
address 192.168.2.1
netmask 255.255.255.0
network 192.168.2.0
bridge_ports vlan53
bridge_stp off
bridge_fd 0
post-up ip route add table vlan53 default via 192.168.2.250 dev vmbr1
post-up ip rule add from 192.168.2.0/24 table vlan53
post-down ip route del table vlan53 default via 192.168.2.250 dev vmbr1
post-down ip rule del from 192.168.2.0/24 table vlan53
NOTE:
Create the table in ip route 2
We must change the file /etc/iproute2/rt_tables, add the following line:
# Table for vlan53
53 vlan53
use these commands to add:
echo "# Table for vlan53" >> /etc/iproute2/rt_tables
echo "53 vlan53" >> /etc/iproute2/rt_tables
Create the vlan on switch
For example on a HP Procurve 52 ports we use the following instructions to create the vlan.
Suppose:
Enter in configuration mode and type:
trunk 1-2 Trk1 LACP
trunk 3-4 Trk2 LACP
trunk 47-48 Trk3 LACP
vlan 2
name "Vlan2"
untagged Trk1-Trk3
ip address 192.168.1.254 255.255.255.0
exit
vlan 53
name "Vlan53"
tagged Trk1-Trk3
exit
Test the configuration
Reboot the cluster node one by one for testing this configuration.
Unsupported Routing
Physical NIC (eg., eth1) cannot currently be made available exclusively for a particular KVM / Container , ie., without bridge and/or bond.
Naming Conventions
I have a 3 node cluster...
I would like the administration network to not be a in VLAN. The administration network is where i connect to the proxmox nodes using either web or ssh for setups..
I will be using this 3 node cluster for hosting and it could be that i will be hosting other clients infrastructure like virtual file, dc and mail server and so on. Therefore i need to know how to use vlans for virtual machines since each client will have to be on his or hers own VLAN...
My problem is i just can't get my head around the network model documentation..
My plan is to create a sub interface for each client in my firewall. Each subinterface will be assigned a vlan tag. from here I will have two switches in a LACP configuration that will carry the VLAN tag to the 3 proxmox nodes.
My assumption is that the only thing i need to configure is to have say VLAN 10 tagged from the firewall through the switches and tagged to each cluster node NOT configuring anything in any of the cluster nodes interface files. and than configure VLAN 10 on the different VMs virtual network cards...
Is this assumption right? and will it work in a failover scenario? Or do i have to set something up in the cluster nodes interface file?
THANKS
Casper
I have read it over and over but i just can't get my head around it....
http://pve.proxmox.com/wiki/Network_Model
Quote:
Configuring VLAN in a cluster
For the simplest way to create VLAN follow the link: VLAN
Goal:
- Have two separate network on the same NIC
- Another host (firewall) manage the routing and rule to access to these VMs (out of this doc)
Suppose this scenario:
- A cluster with two nodes
- Each node have two NIC
- We want bonding the NIC
- We use two network: one untagged 192.168.1.0/24 and one tagged (VLanID=53) 192.168.2.0/24, we must configure the switch with port vlan.
- We want separate these network at layer 2
Create bond0
First of all we create the bond0 (switch assisted 802.3ad) at the proxmox web interface, follow the video.
At the end we have a /etc/network/interface like this:
# network interface settings
auto lo
iface lo inet loopback
iface eth0 inet manual
iface eth1 inet manual
auto bond0
iface bond0 inet manual
slaves eth0 eth1
bond_miimon 100
bond_mode 802.3ad
auto vmbr0
iface vmbr0 inet static
address 192.168.1.1
netmask 255.255.255.0
gateway 192.168.1.250
bridge_ports bond0
bridge_stp off
bridge_fd 0
Configure your switch appropriately. If you're using a bond of multiple links, you need to tell this to your switch and put the switch ports in a Link Aggregation Group or Trunk.
Create VLAN
We have two methods to follow:
First explicit method
auto vlan53
iface vlan53 inet manual
vlan_raw_device bond0
Second method
We can use direct the NIC dot VLAN ID, like bond0.53
I prefer the first one!
Create manually the bridge
Now we create manually the second bridge.
auto vmbr1
iface vmbr1 inet static
address 192.168.2.1
netmask 255.255.255.0
network 192.168.2.0
bridge_ports vlan53
bridge_stp off
bridge_fd 0
post-up ip route add table vlan53 default via 192.168.2.250 dev vmbr1
post-up ip rule add from 192.168.2.0/24 table vlan53
post-down ip route del table vlan53 default via 192.168.2.250 dev vmbr1
post-down ip rule del from 192.168.2.0/24 table vlan53
NOTE:
- We must not indicate the gateway, we must manually modify the routing table use ip route 2
- The whole configuration must replicate on the other cluster's node, the only change is the IP of the node.
Create the table in ip route 2
We must change the file /etc/iproute2/rt_tables, add the following line:
# Table for vlan53
53 vlan53
use these commands to add:
echo "# Table for vlan53" >> /etc/iproute2/rt_tables
echo "53 vlan53" >> /etc/iproute2/rt_tables
Create the vlan on switch
For example on a HP Procurve 52 ports we use the following instructions to create the vlan.
Suppose:
- Ports 47-48 trunk (switch assisted 802.3ad) for gateway
- Ports 1-2 trunk (switch assisted 802.3ad) for the first node of cluster proxmox
- Ports 3-4 trunk (switch assisted 802.3ad) for the second node
Enter in configuration mode and type:
trunk 1-2 Trk1 LACP
trunk 3-4 Trk2 LACP
trunk 47-48 Trk3 LACP
vlan 2
name "Vlan2"
untagged Trk1-Trk3
ip address 192.168.1.254 255.255.255.0
exit
vlan 53
name "Vlan53"
tagged Trk1-Trk3
exit
Test the configuration
Reboot the cluster node one by one for testing this configuration.
Unsupported Routing
Physical NIC (eg., eth1) cannot currently be made available exclusively for a particular KVM / Container , ie., without bridge and/or bond.
Naming Conventions
- Ethernet devices: eth0 - eth99
- Allowable bridge names: vmbrn, where 0 ≤ n ≤ 4094
- Bonds: bond0 - bond9
- VLANs: Simply add the VLAN number to the ethernet device name, separated by a period. For example "eth0.50"
I have a 3 node cluster...
I would like the administration network to not be a in VLAN. The administration network is where i connect to the proxmox nodes using either web or ssh for setups..
I will be using this 3 node cluster for hosting and it could be that i will be hosting other clients infrastructure like virtual file, dc and mail server and so on. Therefore i need to know how to use vlans for virtual machines since each client will have to be on his or hers own VLAN...
My problem is i just can't get my head around the network model documentation..
My plan is to create a sub interface for each client in my firewall. Each subinterface will be assigned a vlan tag. from here I will have two switches in a LACP configuration that will carry the VLAN tag to the 3 proxmox nodes.
My assumption is that the only thing i need to configure is to have say VLAN 10 tagged from the firewall through the switches and tagged to each cluster node NOT configuring anything in any of the cluster nodes interface files. and than configure VLAN 10 on the different VMs virtual network cards...
Is this assumption right? and will it work in a failover scenario? Or do i have to set something up in the cluster nodes interface file?
THANKS
Casper