Multiple Xen Vlans

por | 12 mayo, 2008
0 comentarios

Configuring bridges for multiple VLANs
This section will be beefed up a bit later. I’m rushing it out due to popular demand!

The default Xen networking scripts that come with CentOS 5 aren’t friendly with VLAN bridges. It’s explained somewhat thoroughly here, so I won’t repeat myself. Here’s the nitty-gritty on how to get around it.

First, you’ll want to edit your network-bridge script. I found a more elegant solution that uses a bash function to overload (and mask) the ifdown bash script somewhere out on the interweb, but I can’t find it right now. This was the solution I came up with. Look for a function definition for the «is_bonding()» function call. On my installs, it’s on line 78. The one line contained in the function should look like this by default:

[ -f "/sys/class/net/$1/bonding/slaves" ]

You’ll want to change this to the following:

[ -f "/sys/class/net/$1/bonding/slaves" ] || [ -f /proc/net/vlan/$1 ]

This will bypass the broken ifdown call that destroys the VLAN interface when the bridge is being created.

Second, you’ll want to make/modify a network initialization script. I chose to make my own, and modify the xend config file (/etc/xen/xend-config.sxp) to reflect the location of my network init script. I called my script «network-multi», so I needed to find the network-script configuration directive and replace it with this:

(network-script network-multi)

Now that xen is looking for my network init script instead of the default, it’s time to make it. Here’s the important stuff from the script.

#!/bin/sh
dir=$(dirname "$0")
"$dir/network-bridge" "$@" vifnum=0 netdev=eth0 bridge="xbr_trunk"
ifup vlan10
ifup vlan11
ifup vlan12
"$dir/network-bridge" "$@" vifnum=1 bridge="xbr_vl10" netdev="vlan10"
"$dir/network-bridge" "$@" vifnum=2 bridge="xbr_vl11" netdev="vlan11"
"$dir/network-bridge" "$@" vifnum=3 bridge="xbr_vl12" netdev="vlan12"

And that’s it. The above assumes that you have three VLAN interfaces defined that will start up «attached» to eth0. Since they’re starting after the «xbr_trunk» bridge is created, they’ll be attached to the virtual eth0 interface instead of the physical ethernet device. This script doesn’t yet behave very nicely on shutdown, but that doesn’t bother me too much.