Data ONTAP Discussions

Creating VLANs on an Existing VIF

Hello All,

I have an existing VIF (Trunk1) that I now want to create two VLANs on (15 and 25).

I know that when I create the VLAN i will end up with two new interfaces (Trunk1-15 and Trunk1-25), but what will happen to the original VIF interface and its IP address.

Will it remain accessible?

I have an IP address assigned to the trunk and it needs to stay accessible througout the addition of the new VLAN interfaces.

Will it still be untagged?

Is it possible to have an Untagged and serveral tagged interfaces assigned to the same VIF?




Re: Creating VLANs on an Existing VIF

I don't believe you can have untagged and tagged on the same vif.  Seems like I did some testing and ran into issues on that (could have been something on the network switch side also).

So, this might help.  A portion of my /rc is shown below where you can see the change I made to get the vlan tagging done (names and IPs changed to protect the innocent).  I started with a single untagged VLAN (filerb is on the x.x.53.x subnet and VLAN2) and we needed get access to the .207 (VLAN4) and .208 (VLAN5).  I commented out the original >ifconfig statement, added the vlan creation statement, and then new ifconfigs for each vlan.  I made this change in about 5 sec by creating a text file for each filer head including taking the interfaces down and the new lines below.  Copy and paste on the console, then test.

vif create lacp prim_vif -b ip e0a e0b

vif create lacp sec_vif -b ip e4a e4b

vif create single toplvl_vifb prim_vif sec_vif

#ifconfig toplvl_vifb filerb netmask partner toplvl_vifa

vlan create toplvl_vifb 2 4 5

ifconfig toplvl_vifb-2 filerb netmask partner toplvl_vifa-2

ifconfig toplvl_vifb-4 x.x.207.x netmask partner toplvl_vifa-4

ifconfig toplvl_vifb-5 x.x.208.x netmask partner toplvl_vifa-5

Re: Creating VLANs on an Existing VIF


But then how did you handle the untagged traffic coming to the original port?

The default vlan on a switch is usually 1. Did you also have to change the LACP trunk on the switch to start tagging those packets from the default VLAN?

Right now I have both my 10Gig ports on a Mulitmode VIF on the default (untagged) vlan in my datacenter. (192.168.0.X lets call it)

There is a tun of traffic already on these ports, and Im at a loss as to how to move the interface to a tagged port but maintain that traffic.

Maybe my knowledge on VLANs is a little light, but all my VLANs are usually their own subnet.

If i have to move the VIF trunk to a tagged port of the default VLAN on the switch and reconfigure the interfaces on the filers at the same time, i dont see how I can avoid downtime.

If I can have untagged and tagged trafic on the same VIF it would be very easy.

Maybe I will call support


Re: Creating VLANs on an Existing VIF


I read this information from the NetApp documentation

You can configure an IP address for an interface with VLANs. Any  untagged traffic goes to the base interface and the tagged traffic goes  to the respective VLAN. You can use the ifconfig  command to configure an IP address for the underlying interface of the  VLAN. Any tagged frame is received by the matching VLAN interface.  Untagged traffic is received by the native VLAN on the underlying  interface.

Note:  You should not create a VLAN on a physical interface with the same  identifier as the native VLAN of the switch. For example, if the network  interface e0b is on native VLAN 10, you should not create a VLAN e0b-10  on that interface.

You cannot bring down a network interface that is configured to  receive tagged and untagged traffic (IP configured for the underlying  interface and VLANs). You must bring down all VLANs on the underlying  interface before you bring down the interface. However, you can delete  the IP address of the underlying interface. When you configure a VLAN using GVRP, the GVRP packets are sent as both untagged and tagged from the native VLAN.

For information about reverting with a configuration for receiving  tagged and untagged frames on the same network interface, do the following:

In Data ONTAP 8.0, you can configure an IP address for the base interface and configure VLANs on that interface. Because this configuration is not supported in the Data ONTAP 7.2 and 7.3 release
families, you should remove the base interface configuration from the /etc/rc file before reverting.
When you configure both the base interface and VLANs with IP addresses, any untagged traffic goes to the base interface and the tagged traffic goes to the respective VLAN.

1. Open the /etc/rc file in the root volume by using a text editor.

2. Delete the command for configuring the IP address on the base interface from the /etc/rc file.
Note: If you need the IP address of the base interface after reverting, you can configure it on a different interface.
3. Modify the file such that the order of configuration in the file is as follows:
a. Commands to create the VLANs
b. Commands to configure the VLANs

Hope this helps!