                                 Release Notes
                               Linux VLAN INIT PACKAGE
                                 Version 1.0.1
                                   12/17/2004

Table of Contents
=================
Introduction
Packaging
Installing Source RPM Package
VLAN Configuration (stand alone adapter)
VLAN Configuration (teamed with Bonding)
Startup Scripts & VLAN Automation
Valid Values for VLAN ID
Verification of VLAN Configuration
Uninstall the RPM
Limitations
References


Introduction
============
This package provides a vlan init and configuration script for Red Hat EL4 
which configures the distro 802.1q VLAN driver during startup.

Packaging
=========
The driver is released in the RPM format. The file name for the 
package is vlan_init-<version>.linux.rpm. 

Installing Source RPM Package
=============================
1. Check for the existence of a current version of the vlan_init package as
   follows:

        # rpm -q vlan_init

        If an old version of the package exists the RPM package should be
        removed.

        # rpm -e vlan_init

        Verify that the old vlan_init package has been removed as follows:

        # rpm -q vlan_init

2. Install the RPM package.

	# rpm -ivh vlan_init-<version>.linux.rpm

3. The VLAN driver can be configured with either stand alone adapters or
   with a team of adapters using the Bonding driver.

	Please refer to the "VLAN Configuration (stand alone adapter)" 
	section for details on how to setup VLANs with a stand alone
	adapter.

	Please refer to the "VLAN configuration (teamed with Bonding 
	driver)" section for details on how to setup VLANs in a teamed
	environment using the Bonding driver.


VLAN Configuration (stand alone adapter) 
========================================
A multiple VLAN configuration with one stand alone adapter is 
illustrated below.

	Server with the following configuration:
	-Supported Linux Distribution
	 (Please see the "Supported Linux Distributions" section)
	-One HP NC7131 Gigabit Server Adapter
	
	Two clients with the following configuration:
	-Running Any Linux distribution
	-Each client with one HP NC7131 Gigabit Server Adapter

	Switch with VLAN capability
	-The following diagram illustrates the connectivity of the server
	 and the clients to a VLAN capable switch

   __________                                      ___________________
  |          |eth0 (vlan=4000,4001)               |      Switch       |
  |          +------------------------------------+ port 1            |
  |          |                                    | (tagged 4001,4001)|
  |  Server  |                                    |                   |
  |          |eth1                                |                   |
  |          +                                    + port 2            |
  |__________|                                    | (unused)          |
                   __________                     |                   |
                  |          |eth0 (untagged)     |                   |
                  | Client A +--------------------+ port 3            |
                  |__________|                    | (untagged 4000)   |
                                                  |                   |
                   __________                     |                   |
                  |          |eth0 (untagged)     |                   |
                  | Client B +--------------------+ port 4            |
                  |__________|                    | (untagged 4001)   |
                                                  |___________________|


The above configuration is setup such that the server and client A 
belong to vlan 4000 and the server and client B belong to vlan 4001.  
The detailed configuration steps are as shown below.


1. Configure the server as shown below

	Issue the following commands on the server to create the VLANs.  
	Load the network driver and bring up the interface.  In this 
	example configuration, the interface name is eth0.

	#ifconfig eth0 up

	Configure 2 VLANs on the eth0 interface using vconfig as follows
	(4000 and 4001 being the VLAN ID's)

	#vconfig add eth0 4000
	#vconfig add eth0 4001

	NOTE: if the module is not already loaded, the vconfig command
	( when invoked first time ) will automatically load the module 
	after showing the following warning message.

		WARNING:  Could not open /proc/net/vlan/config.  Maybe you
		need to load the 8021q module, or maybe you are not using
		PROCFS??

	Bring up the VLAN interfaces as follows:

	#ifconfig eth0.4000 10.10.10.1 netmask 255.255.255.0 up
	#ifconfig eth0.4001 10.10.20.1 netmask 255.255.255.0 up

	Remove the IP Address information on the ethernet card as follows

	#ifconfig eth0 0.0.0.0

2. Configure the Clients as follows:

	Configure the IP Address on client A so that the client can only
	communicate with hosts configured on VLAN 4000

	#ifconfig eth0 10.10.10.2 netmask 255.255.255.0 up

	Configure the IP Address on client B so that the client can only
	communicate with hosts configured on VLAN 4001

	#ifconfig eth0 10.10.20.2 netmask 255.255.255.0 up

3. Switch Configuration

	Please refer to the documentation corresponding to your switch.  
	In the example above, the connection from the server to the switch
	are "tagged" ports.  The connection from the clients to the switch 
	are "untagged" ports.

Please refer to the section on "Valid Values for VLAN ID" for
details on valid values for VLAN ID.

VLAN Configuration (teamed using Bonding) 
=========================================
Server with the following configuration:

	Server with the following configuration:
	-Supported Linux Distribution
	 (Please see the "Supported Linux Distributions" section)
	-One HP NC7131 Gigabit Server Adapter
	-One HP NC6770 Gigabit Server Adapter
	-Team both adapters with the Bonding driver
	 (Please see the Bonding.txt file for more information)
	
	Two clients with the following configuration:
	-Running Any Linux distribution
	-One HP NC7131 Gigabit Server Adapter

	Switch with VLAN capability
	-The following diagram illustrates the connectivity of the server
	 and the clients to a VLAN capable switch      

   __________                                      ___________________
  |          |eth0                                |      Switch       |
  |          +-------                       ------+ port 1            |
  |          |       |        Bond0        |      | (tagged 10,20)    |
  |  Server  |       |====(vlan 10,20)=====|      |                   |
  |          |eth1   |                     |      |                   |
  |          +-------                       ------+ port 2            |
  |__________|                                    | (tagged 10,20)    |
                   __________                     |                   |
                  |          |eth0 (untagged)     |                   |
                  | Client A +--------------------+ port 3            |
                  |__________|                    | (untagged 10)     |
                                                  |                   |
                   __________                     |                   |
                  |          |eth0 (untagged)     |                   |
                  | Client B +--------------------+ port 4            |
                  |__________|                    | (untagged 20)     |
                                                  |___________________|


The above configuration is setup such that the server (interfaces eth0
and eth1 teamed as bond0) is a member of both the VLANs 10 and 20.  
Client A is a member of VLAN 10 and client B is a member of VLAN 20.
The detailed configuration steps are as shown below.

Before proceding to the next step, please refer to the bonding.txt 
provided with the bonding rpm package and configure bonding as described
in that document. It is assumed that the user has succesfully configured
a team called bond0 on the server which teams two ethernet cards having 
interface names eth0 and eth1 (as shown by the above diagram).

   Note: VLAN's are not supported over teamed adapters if the bonding 
   driver is using the "arp" feature for configuring teams in any of
   the modes. For more details on the parameters associated with arp,
   please refer to the bonding.txt

1. Configure the server as shown below

      Configure the bonding and ethernet devices to start without an
      associated IP address as follows:

        #ifconfig bond0 0.0.0.0 up
        #ifconfig eth0 0.0.0.0 up
        #ifconfig eth1 0.0.0.0 up

	Configure 2 VLANs on the bonding interface using vconfig as 
	follows:

	#vconfig add bond0 10
	#vconfig add bond0 20

	NOTE: if the module is not already loaded, then the vconfig command 
	will load the module.

	Bring up the VLAN interfaces as follows:

	#ifconfig bond0.10 100.0.0.1 netmask 255.0.0.0 up
	#ifconfig bond0.20 101.0.0.1 netmask 255.0.0.0 up

2. Configure the Clients as shown below

	Configure the IP Address on client A so that the client can only
	communicate with hosts configured on VLAN 10

	#ifconfig eth0 100.0.0.2 netmask 255.0.0.0 up

	Configure the IP Address on client B so that the client can only 
	communicate with hosts configured on VLAN 20

	#ifconfig eth0 101.0.0.2 netmask 255.0.0.0 up

3. Switch Configuration

	Please refer to the documentation corresponding to your switch. In
	the example above, the connection from the server to the switch 
	are "tagged" ports.  The connection from the clients to the switch
	are "untagged" ports.

Please refer to the section on "Valid Values for VLAN ID" for
details on valid values for VLAN ID.

Startup Scripts & VLAN Automation
=================================
The VLAN package provides the following startup script and a 
configuration file that enables the user to preserve vlan configuration 
across reboots and automate vlan startup at system reboot.

	/etc/init.d/vlan
	/etc/vlan.conf

The /etc/init.d/vlan script reads information from /etc/vlan.conf and 
configures VLANs accordingly. The format of /etc/vlan.conf is as 
explained below

   Note 1: If VLAN's are being configured in a teamed environment with
   bonding, the user should ensure that all the devices associated with
   the team(s) are configured without an IP Addresses. For example, in
   the "VLAN Configuration (teamed using Bonding)" section, the devices
   bond0, eth0 and eth1 should start without an associated IP address.

   The following text from the /etc/sysconfig/network-scripts/ifcfg-bond0
   file shows the appropriate lines that are commented out to configure 
   team(s) without IP Addresses. 

   DEVICE=bond0
   BOOTPROTO=static
   #BROADCAST=10.10.20.255
   #IPADDR=10.10.20.1
   #NETMASK=255.255.255.0
   #NETWORK=10.10.20.0
   ONBOOT=yes
   BOOTPROTO=none
   USERCTL=none

   If bonding has been activated/running on the system, please make the
   changes similar to what has been indicated above in all files associated
   with each of the devices associated with the team ( In this example,the 
   devices are eth0 and eth1 ) and reboot the system before starting VLAN.

   Note 2: If VLAN's are being configured with the bonding driver, the
   user should ensure that the bonding driver starts before the vlan
   script runs. On Redhat Distributions, this happens automatically when
   the network configuration scripts run.  The Red Hat network scripts
   are located at /etc/sysconfig/network-scripts/ifcfg-bondX.  Bonding
   does not automatically start with UnitedLinux 1.0.  The user will
   need to create an RC script that starts before the VLAN script to
   ensure proper VLAN / bonding environments.  Please refer to
   bonding.txt for more information regarding automation.

1. The nametype parameter indicates how the VLAN interface should be 
   named. The supported values for this parameter are as follows.
   Assuming that a VLAN with ID=10 is created over eth0, the
   corresponding VLAN interface created with each nametype is shown in
   brackets.  The default is DEV_PLUS_VID_NO_PAD

	VLAN_PLUS_VID ( vlan0010 )
	VLAN_PLUS_VID_NO_PAD ( vlan10 )
	DEV_PLUS_VID ( eth0.0010 )
	DEV_PLUS_VID_NO_PAD ( eth0.10 )


	The nametype parameter is specified in the file as follows

	nametype	<type as specified above>

2. List defining properties of each VLAN to be configured. Each line in
   this list corresponds to one VLAN and contains 4 entries which are
   shown below.
  
	<interface_name>	<vlan_id>   <IP Address>   <netmask>

	For the sample configuration desribed in the section "VLAN
      configuration (stand alone adapter)", the /etc/vlan.conf would
      look as follows:

	eth0	4000	10.10.10.1	255.255.255.0
	eth0	4001	10.10.20.1	255.255.255.0

	Please note that leading zero's are not allowed for the vlan_id
	field.  For Example, if the vlan_id is 10, usage of either 010 or
	0010 will end up in unpredictable results.

3. Once all the entries are completed in the file, the VLAN can be
   restarted with the following command:

   	/etc/init.d/vlan restart

4. To unconfigure the VLANs, please run the following commands:

	/etc/init.d/vlan stop
	/etc/init.d/network restart

Special Note on the nametype parameter:
--------------------------------------

   If nametypes of either  VLAN_PLUS_VID (or) VLAN_PLUS_VID_NO_PAD are
   used, the user is advised to handle situations which are similar to
   the illustration below where the network devices are different but
   the vlan_id is the same.

   eth0     4000    10.10.10.1		255.255.255.0
   eth1     4000    10.10.10.1		255.255.255.0

   Now, what happens in this situation is that when the VLAN devices
   are created, the VLAN device name would be vlan4000 for both devices
   and hence causes conflict. In such cases, the user should use 
   nametype as DEV_PLUS_VID (or) DEV_PLUS_VID_NO_PAD.

Please refer to the section on "Valid Values for VLAN ID" for
details on valid values for VLAN ID.

Valid Values for VLAN ID
========================
The range of values allowed for VLAN ID's is from 0 to
4094. However, the user should note that the value "0" is
a reserved value. More details on what these values
mean is given in detail in the 8021.q specification available
through the following link

http://standards.ieee.org/getieee802/download/802.1Q-1998.pdf

It has also been observed that although the VLAN ID "1" is 
an allowed value, it may not work properly with all switches. 

Verification of VLAN Configuration
==================================
There are two steps to verify the VLAN Configuration on the server

	- Verify the VLAN Setup
	- Verify the VLAN functionality

1. Verify the VLAN setup

	The VLAN configuration on the server can be verified with the
	following commands.  The information below was generated from the
	the "VLAN Configuration (stand alone adapter)" example.
	
	# more /proc/net/vlan/config

	VLAN Dev name	 | VLAN ID
 	Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
	eth0.4000      | 4000  | eth0
	eth0.4001      | 4001  | eth0

	# ifconfig -a

	
eth0      Link encap:Ethernet  HWaddr 00:02:A5:3D:04:CE 
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:276 errors:0 dropped:0 overruns:0 frame:0
          TX packets:264 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:29052 (28.3 Kb)  TX bytes:27228 (26.5 Kb)
          Interrupt:10 

eth0.4000 Link encap:Ethernet  HWaddr 00:02:A5:3D:04:CE  
          inet addr:10.10.10.1  Bcast:10.255.255.255  Mask:255.255.255.0
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:43 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:3156 (3.0 Kb)  TX bytes:2996 (2.9 Kb)

eth0.4001 Link encap:Ethernet  HWaddr 00:02:A5:3D:04:CE
          inet addr:10.10.20.1  Bcast:10.255.255.255  Mask:255.255.255.0
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:121 errors:0 dropped:0 overruns:0 frame:0
          TX packets:121 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:9936 (9.7 Kb)  TX bytes:11522 (11.2 Kb)


2. Verify the VLAN Functionality

	From client A, issue the following broadcast ping command:

	#ping -b 10.255.255.255

	From client B, issue the following broadcast ping command:

	#ping -b 20.255.255.255

	This will verify that the packets sent by client A will only be
	received by the server and the packets sent by client B will only
	be received by the server.  At any point of time, client A should
	not receive packets sent from client B and vice versa.

Uninstall the RPM
=================
The following command will uninstall the vlan_init RPM.

	#rpm -e vlan_init


Limitations
===========
1. Output of "ifconfig -a" command has the limitation of showing only eight
characters for the interface name. If two VLAN interfaces are configured
say bond0.4000 and bond0.4001, the ifconfig shows both as bond0.400 
which causes confusion.  One way to solve this problem would be to set 
the name type format in /etc/vlan.conf as follows:

	nametype VLAN_PLUS_VID_NO_PAD

	To restart the vlans:.

	#/etc/init.d/vlan restart

	Once this is done, the interface name would appear as "vlan4000" 
	instead of "bond0.400" thereby causing ifconfig to show the output
	properly.

2. It has been seen sometimes due to the limits on the number of
files that can be created under /proc, entries for some vlan devices
may not get created. However, this does not affect the functioning
of the VLAN itself. 

References
==========
VLAN Home Page: http://www.candelatech.com/~greear/vlan.html

ftp://ftp.netlab.ohio-state.edu/pub/jain/courses/cis788-97/virtual_lans.pdf

A html format of the same document is available through the following link:

ftp://ftp.netlab.ohio-state.edu/pub/jain/courses/cis788-97/virtual_lans/index.htm

http://compnetworking.about.com/cs/virtuallans/
