CentOS中为网卡添加 VLAN TAG

发表于 | 分类于 | | 本文总阅读量
字数统计: 1k | 阅读时长 ≈ 5

为什么要为网卡加上 VLAN TAG

有时候我们需要将主机或服务器加入同一个VLAN中,在此之前需要配置本地网卡使其发送出去的数据包带有 VLAN 标签,这样才可以被对端的交换机接收。本文会教你如何为 CentOS7 的网卡打上 VLAN,以便与对端交换机的 VLAN 网关通信。

配置步骤

开启 CentOS 的 8021q 模块

①首先检查本机是否已加载该模块

1
2
3
4
[root@localhost ] lsmod | grep 8021q   # 查询模块是否正常加载
8021q                  33208  0 
garp                   14384  1 8021q
mrp                    18542  1 8021q

②若该模块未加载,需先加载 8021q模块,再执行步骤 1 检查

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
[root@localhost ] modprobe 8021q       # 加载模块
[root@localhost ] modinfo 8021q        # 查询模块信息
filename:       /lib/modules/3.10.0-957.27.2.el7.x86_64/kernel/net/8021q/8021q.ko.xz
version:        1.8
license:        GPL
alias:          rtnl-link-vlan
retpoline:      Y
rhelversion:    7.6
srcversion:     3D84ADCA65536B17FD7DCEC
depends:        mrp,garp
intree:         Y
vermagic:       3.10.0-957.27.2.el7.x86_64 SMP mod_unload modversions 
signer:         CentOS Linux kernel signing key
sig_key:        52:0A:4E:2D:9D:55:3E:F8:42:01:C1:88:B8:7F:E5:1B:9D:E1:1A:5E
sig_hashalgo:   sha256

修改原有网卡文件

③使用 ip a 命令查看网卡信息,本次添加 tag 标签的网卡为eth0

1
2
3
4
5
6
7
8
9
10
11
12
13
[root@localhost ~] ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:80:69:1f brd ff:ff:ff:ff:ff:ff
    inet 192.168.245.129/24 brd 192.168.245.255 scope global dynamic eth0
       valid_lft 1738sec preferred_lft 1738sec
    inet6 fe80::1c28:54a4:1513:c8ee/64 scope link 
       valid_lft forever preferred_lft forever

④修改 ifcfg-eth0 网卡文件,修改 ONBOOT=yes、增加 PROXY_METHOD=none、BROWSER_ONLY=no,如果配置了静态IP需要删除

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
[root@localhost ~] cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts] cat ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=none                              # 不配置IP地址
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
UUID=0212fe99-0ea0-49bc-a44a-b63275101e6d
DEVICE=eth0
ONBOOT=yes                                  # 保持网卡开机自启
PEERDNS=yes
PEERROUTES=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_PRIVACY=no
PROXY_METHOD=none                           # 增加该项
BROWSER_ONLY=no                             # 增加该项

创建带VLAN的网卡设备

⑤增加网卡子接口文件 ifcfg-eth0.10 ,此处 “.10” 为命名规范,表示添加的子网VLAN ID 为10

1
2
3
4
5
6
7
8
[root@localhost network-scripts] vi ifcfg-eth0.10  # 文件内容如下
DEVICE=eth0.10
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.10.10
PREFIX=24
NETWORK=192.168.10.0
VLAN=yes

⑥创建VLAN网卡

1
[root@localhost network-scripts] ip link add link eth0 name eth0.10 type vlan id 10

重启网络服务,检验配置是否成功

⑦当有多个网卡配置不同的VLAN TAG 时,需要先停止 NetworkManager 服务防止冲突

1
2
[root@localhost network-scripts] service NetworkManager stop
Redirecting to /bin/systemctl stop  NetworkManager.service

⑧重启网络服务

1
2
[root@localhost network-scripts] service network restart 
Restarting network (via systemctl):

⑨验证vlan标签是否创建成功

1
2
3
4
5
6
7
8
9
10
11
[root@localhost ~] cat /proc/net/vlan/eth0.10 
eth0.10  VID: 10	 REORDER_HDR: 1  dev->priv_flags: 1
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted           11
       total bytes transmitted          822
Device: eth0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings:

⑩使用 ip a 命令查看网卡配置,测试对端网关连通性

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
[root@localhost ~] ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:80:69:1f brd ff:ff:ff:ff:ff:ff
    inet6 fe80::1c28:54a4:1513:c8ee/64 scope link 
       valid_lft forever preferred_lft forever
3: eth0.10@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether 00:0c:29:80:69:1f brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.10/24 brd 192.168.10.255 scope global eth0.10
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe80:691f/64 scope link 
       valid_lft forever preferred_lft forever
       
[root@localhost ~] ping -I 192.168.10.10 192.168.10.1      # 使用-I指定源IP
PING 192.168.10.2 (192.168.10.2) from 192.168.10.10 : 56(84) bytes of data.
64 bytes from 192.168.10.10: icmp_seq=1 ttl=128 time=0.044 ms
64 bytes from 192.168.10.10: icmp_seq=2 ttl=128 time=0.121 ms
64 bytes from 192.168.10.10: icmp_seq=3 ttl=128 time=0.053 ms
64 bytes from 192.168.10.10: icmp_seq=4 ttl=128 time=0.042 ms

到此就已经成功为 eth0 网卡添加了 VLAN 标签了,可以看到能够与 VLAN 10 的网关192.168.10.1互通