Network and Storage Protocols

adding vlan on vif

RATNATHURAI
8,340 Views

I am trying to create vlan on existing vif for iscsi and nfs, hope someone check this statement and correct it for me if I am wrong please?

Right now both nfs and iscsi are on sanvif2 and do not have vlan.

>rdfile /rc/rc

#Regenerated by registry Thu Aug 18 16:08:42 EDT 2011

#Auto-generated by setup Thu Aug 18 16:24:32 GMT 2011

hostname MYNETAPP2

ifgrp create single lanvif2 e0a

ifgrp create multi sanvif2 -b ip e0d e0c e0b

ifconfig lanvif2 `hostname`-lanvif2 netmask 255.255.255.0 mediatype auto mtusize 1500 -wins partner lanvif1

ifconfig sanvif2 `hostname`-sanvif2 netmask 255.255.255.0 partner sanvif1 mtusize 1500 trusted -wins up

ifconfig sanvif2 alias 10.40.2.25 netmask 255.255.255.0

ifconfig sanvif2 alias 10.40.2.24 netmask 255.255.255.0

route add default 10.40.1.1 1

route add net 10.10.2/24 10.40.2.1 1

routed on

options dns.domainname MYDOMAIN.local

options dns.enable on

options nis.enable off

savecore

create new vlan

>vlan create sanvif2 50 100
>ifconfig sanvif2-50 `hostname`-sanvif2-50 netmask 255.255.255.0 partner sanvif1-50 mtusize 1500 trusted -wins up

host file
10.40.5.25 sanvif2-50
Do it on partner
>vlan create sanvif2 50 100
>ifconfig sanvif1-50 `hostname`-sanvif2-50 netmask 255.255.255.0 partner sanvif2-50 mtusize 1500 trusted -wins up

I am not sure whether I have to create two , one for iscsi and other for nfs.

7 REPLIES 7

billshaffer
8,340 Views

II was going to say that I didn't think you could create vlans an an interface that is already plumbed, but it looks like 8.0 does allow tagged and untagged traffic on the same physical interface - but you should be sure that that is, indeed, what you want to do.  If not, you'd need to ifconfig down sanvif2, vlan create (include a vlan for the existing network), then ifconfig all three vlans.  Otherwise, I think this looks okay.  Remember to put your config lines in /etc/rc as well.

You should definitely isolate iscsi traffic.

Hope this helps.

Bill

RATNATHURAI
8,340 Views

The oncomand system did not allow me to create the vlan so I did try with cli.
I was able to create vlan. One shows as Vlan Indices:50 and othe other shows as VLAN ID: 50
Am I on the correct path?

> vlan stat

Vlan Physical Interface:  sanvif2  () --
           Vlan Indices:  50
                   GVRP:  disabled

RECEIVE STATISTICS
Total frames:     4275m | Total bytes:     28072g | Multi/broadcast:   639k
Untag drops:         0  | Vlan tag drops:      0
TRANSMIT STATISTICS
Total frames:     4209m | Total bytes:       121t


Vlan Interface: sanvif2-50   () --
      VLAN ID: 50
   MAC Address: 02:a0:98:2c:21:82

RECEIVE STATISTICS
Total frames:        0  | Total bytes:         0  | Multi/broadcast:     0
TRANSMIT STATISTICS
Total frames:        0  | Total bytes:         0  | Multi/broadcast:     0
Queue overflows:     0

billshaffer
8,340 Views

What commands did you use?  What does ifconfig -a show?  To me, this looks like you've created a single vlan (sanvif2-50).  The "vlan indices: 50" line is on the stanza describing the physical link.  If you had created a 50 and a 100 vlan, I think it would say "vlan indices: 50 100".

Bill

RATNATHURAI
8,340 Views


correct , I only created vlan 50, here is the bottom part of the ifconfig -a 

sanvif2: flags=0xa6f48863<UP,BROADCAST,RUNNING,MULTICAST,TCPCKSUM,NOWINS,VLAN> mtu 1500

        inet 10.40.2.23 netmask 0xffffff00 broadcast 10.40.2.255

        inet 10.40.2.24 netmask 0xffffff00 broadcast 10.40.2.255

        inet 10.40.2.25 netmask 0xffffff00 broadcast 10.40.2.255

        partner sanvif1 (not in use)

        ether 02:a0:98:2c:21:82 (Enabled interface groups)

sanvif2-50: flags=0x6b08862<BROADCAST,RUNNING,MULTICAST,TCPCKSUM,NOWINS> mtu 1500

        ether 02:a0:98:2c:21:82 (Enabled interface groups)

billshaffer
8,340 Views

That looks okay to me.

RATNATHURAI
8,340 Views

Billshaffer,

Do I have at add route for new vlan 50, route add net 10.40.5/24 10.40.5.1 or the default route will take care the route for 10.40.5.0/24?

billshaffer
8,340 Views

That depends on your network - best ask the network team!

Bill

Public