Network configuration
Interfaces
ethernet, dial-ups, how to up/down interface
Basic configuration
resolver, local network, hostname, default router
Internet access
cable, dial-up, etc.
Advanced routing
Written by Olgierd Pieczul
Advanced routing support is provided by rc-scripts.
You may specify rules in /etc/sysconfig/ip-rules file.
Syntax:
rule rule-arg [rule rule-arg ...] dest dest-arg [dest dest-arg]
Rule is one of following rule-argument pairs:
from prefix
to prefix
tos tos
fwmark fwmark
dev device
pref metric
Destination, and its args are as follows:
table tableid|name
nat prefix
prohibit, reject, unreachable
realms [srcrealm/]dstrealm
Some examples:
from 10.0.1/24 table 100
from 10.0.1/24 to 10.2/16 fwmark 3 table 4 nat 10.3.0.1
Rules of advanced routing are automatically set and removed during network startup and shutdown.
Services
Inetd services
rc-inetd overview,
Standalone services
supported MTA's, httpd, ftpd, samba, etc ...
VLAN configuration
This section has been written by Pawel Golaszewski.
Software VLAN
A very convenient support for software VLANs (Virtual Local Area Network)
IEEE 802.1Q is provided by PLD rc-scripts.
Software VLANs are available both in 2.4 kernels, and 2.2 kernels from PLD.
To be able to use VLAN, an extra software is necessary
(it is provided by vlan rpm package).
Then, all we need is setting up proper VLAN interface description.
Example VLAN interface file: /etc/sysconfig/interfaces/ifcfg-eth0.4
DEVICE="eth0.4"
ONBOOT="yes"
BOOTPROTO="none"
IPADDR="192.168.0.13"
PREFIX="24"
Then, bringing up interface eth0 automatically creates VLAN on interface eth0
using address provided in IPADDR variable.
The digit 4 in DEVICE tells that device should be in VLAN 4.
Appending ".4" to the file name does not have any special meaning,
here it has been done just to distinguish somehow this file from
file ifcfg-eth0 containing main description of
interface eth0 that must be also present in the directory.
Hardware VLAN
Setting up
PLD contains software to support hardware VLAN available in Intel(R) PRO/100 adapters.
However, using that is a bit more complicated that setting up software
VLANs described in previous section.
First, some extra software is necessary:
kernel-net-e100, kernel-net-ians
and ians. Number of possible VLANs is limited to 64,
though they can be numbered from 1 to 4096.
Package kernel-net-e100 provides kernel module
e100 that is replacement for standard
kernel module eepro100. Thus in /etc/modules.conf
we replace (assuming we have eth0 and eth1 interfaces):
alias eth0 eepro100
alias eth1 eepro100
with
alias eth0 e100
alias eth1 e100
It is not possible to simultaneously use eepro100 and e100 modules because
intel module, once loaded, immediately searches for
all installed cards.
Next step is to turn down all interfaces based on Intel
adapters if they are running. That can be done be stopping network subsystem
that (as described in ),
or by stopping particular interfaces
(that can be found in ).
Also remove old module, if it is still present (rmmod eepro100).
Now the VLANs must be configured. Here is the real-life example:
ianscfg -a -t ve1 -M NONE -V
ianscfg -a -t ve1 -m eth1 -p none
ianscfg -a -t ve1 -v eth1.40 -i 40
ianscfg -a -t ve1 -v eth1.43 -i 43
ianscfg -a -t ve1 -v eth1.44 -i 44
ianscfg -a -t ve1 -v eth1.45 -i 45
ianscfg -a -t ve1 -v eth1.46 -i 46
ianscfg -a -t ve1 -v eth1.47 -i 47
ianscfg -a -t ve1 -v eth1.48 -i 48
ianscfg -c ve1
This sequence creates 7 VLANs (40, 43, 44, 45, 46, 47, 48) on eth1 adapter.
Interfaces themselves are configured in standard way,
(like in ), by creating description file in
/etc/sysconfig/interfaces/. E.g. for eth1.40 it could be
defined in file /etc/sysconfig/interfaces/ifcfg-eth1.40
in following way:
DEVICE="eth1.40"
ONBOOT="yes"
BOOTPROTO="none"
IPADDR="192.168.0.13"
PREFIX="24"
Now it's enough to bring all interfaces up. This can be accomplished with the following
procedure:
ianscfg -a -t ve1 -M NONE -V
Create "team" named ve1 without any team-mode
(teams are discussed )
ianscfg -a -t ve1 -m eth1 -p none
Add to team ve1 interface eth1 without any priority
ianscfg -a -t ve1 -v eth1.40 -i 40
Add virtual interface eth1.40 working on VLAN 40 to team.
ianscfg -c ve1
"Commit" team ve1 (make it active).
In this solution, system does not know anything about VLANs because
they are supported on hardware level. The disadvantage of this
solution is that VLANs must be configured first, before
interfaces could be brought up. Bringing interfaces down must
be performed in reverse order. Thus, in our example:
ianscfg -d -v eth1.40
ianscfg -d -v eth1.43
ianscfg -d -v eth1.44
ianscfg -d -v eth1.45
ianscfg -d -v eth1.46
ianscfg -d -v eth1.47
ianscfg -d -v eth1.48
ianscfg -d -m eth1
ianscfg -d -t ve1
When interfaces are named like in the example, the vlan
package must not be installed, otherwise rc-scripts would attempt to
additionally set up software VLANs.
Aggregation of network cards
Using e100 modules, ians and ianscfg
it is possible to make use of so-called
aggregation of network cards i.e.
multiple network adapters can be used as one device.
Intel cards have 3 modes of team-work:
Adapter Fault Tolerance (AFT)
Default mode. Only one card is working (called primary), while second card
waits. If primary card dies, second card replaces it.
Adaptive Load Balancing (ALB)
Allows for sharing the load among 2-8 network cards, but only
primary receives and transmits packets.
Link Aggregation (FEC*/LA/802.3ad or GEC*/LA/802.3ad)
FEC*/LA/802.3ad (Cisco*'s Fast EtherChannel* Technology
(FEC)/Intel Link Aggregation or IEEE 802.3ad Link Aggregation)
allows for collective work of 2-8 adapters in receiving/transmitting packets.
All cards must work with the same speed and the same duplex.
Aggregation must be supported by switch and spanning tree must be
enabled.
GEC*/LA/802.3ad is a similar mode for Gigabit.
Module e1000 should be used instead
of e100.
Example:
ianscfg -a -t ve0 -M ALB
ianscfg -a -t ve0 -m eth0 -p primary
ianscfg -a -t ve0 -m eth1 -p secondary
ianscfg -c ve0
Additionally, the team can handle VLANs on team.