LDP
/
LDP
mirror of https://github.com/tLDP/LDP
0
1
Fork 0
Code Releases Activity
LDP/LDP/retired/PLD-Guide/admin-manual/netconfig.xml

336 lines
11 KiB
XML
Raw Permalink Blame History

<chapter id="network">
<title>Network configuration</title>
<section id="interfaces">
<title>Interfaces</title>
<para>ethernet, dial-ups, how to up/down interface</para>
</section>
<section id="sysconfig-network">
<title>Basic configuration</title>
<para>resolver, local network, hostname, default router</para>
</section>
<section id="internet">
<title>Internet access</title>
<para>cable, dial-up, etc.</para>
</section>
<section id="routing">
<title>Advanced routing</title>
<abstract>
<para>Written by Olgierd Pieczul</para>
</abstract>
<!-- here should go description of what's in static-routes
(there is on in rc-scripts docs (sysconfig.docb))
-->
<para>
Advanced routing support is provided by rc-scripts.
You may specify rules in <filename>/etc/sysconfig/ip-rules</filename> file.
</para>
<para>
Syntax:
</para>
<programlisting>
rule rule-arg [rule rule-arg ...] dest dest-arg [dest dest-arg]
</programlisting>
<para>
Rule is one of following rule-argument pairs:
</para>
<programlisting>
from prefix
to prefix
tos tos
fwmark fwmark
dev device
pref metric
</programlisting>
<para>
Destination, and its args are as follows:
</para>
<programlisting>
table tableid|name
nat prefix
prohibit, reject, unreachable
realms [srcrealm/]dstrealm
</programlisting>
<para>Some examples:</para>
<programlisting>
from 10.0.1/24 table 100
from 10.0.1/24 to 10.2/16 fwmark 3 table 4 nat 10.3.0.1
</programlisting>
<para>
Rules of advanced routing are automatically set and removed during network startup and shutdown.
</para>
</section>
<section id="services">
<title>Services</title>
<section>
<title>Intro</title>
<para>/etc/services, ...</para>
</section>
<section>
<title>Inetd services</title>
<para>rc-inetd overview, </para>
</section>
<section>
<title>Standalone services</title>
<para>supported MTA's, httpd, ftpd, samba, etc ...</para>
</section>
</section>
<section id="vlan-software">
<title>VLAN configuration</title>
<abstract>
<para>This section has been written by Pawel Golaszewski.</para>
</abstract>
<section>
<title>Software VLAN</title>
<para>
A very convenient support for software VLANs (Virtual Local Area Network)
IEEE 802.1Q is provided by PLD rc-scripts.
Software VLANs are available both in 2.4 kernels, and 2.2 kernels from PLD.
<!-- check it out! -->
</para>
<para>
To be able to use VLAN, an extra software is necessary
(it is provided by <literal>vlan</literal> rpm package).
Then, all we need is setting up proper VLAN interface description.
</para>
<example>
<title>Example VLAN interface file: /etc/sysconfig/interfaces/ifcfg-eth0.4</title>
<programlisting>
DEVICE="eth0.4"
ONBOOT="yes"
BOOTPROTO="none"
IPADDR="192.168.0.13"
PREFIX="24"
</programlisting>
</example>
<para>
Then, bringing up interface eth0 automatically creates VLAN on interface eth0
using address provided in IPADDR variable.
The digit 4 in DEVICE tells that device should be in VLAN 4.
</para>
<note>
<para>Appending ".4" to the file name does not have any special meaning,
here it has been done just to distinguish somehow this file from
file <filename>ifcfg-eth0</filename> containing main description of
interface eth0 that must be also present in the directory.
</para>
</note>
</section>
<section id="vlan-hardware">
<title>Hardware VLAN</title>
<section>
<title>Setting up</title>
<para>
PLD contains software to support hardware VLAN available in Intel(R) PRO/100 adapters.
However, using that is a bit more complicated that setting up software
VLANs described in previous section.
</para>
<para>
First, some extra software is necessary:
<literal>kernel-net-e100</literal>, <literal>kernel-net-ians</literal>
and <literal>ians</literal>. Number of possible VLANs is limited to 64,
though they can be numbered from 1 to 4096.
</para>
<para>
Package <literal>kernel-net-e100</literal> provides kernel module
<literal>e100</literal> that is replacement for standard
kernel module <literal>eepro100</literal>. Thus in <filename>/etc/modules.conf</filename>
we replace (assuming we have eth0 and eth1 interfaces):
<programlisting>
alias eth0 eepro100
alias eth1 eepro100
</programlisting>
with
<programlisting>
alias eth0 e100
alias eth1 e100
</programlisting>
</para>
<note>
<para>
It is <emphasis>not</emphasis> possible to simultaneously use eepro100 and e100 modules because
intel module, once loaded, immediately searches for
<emphasis>all</emphasis> installed cards.
</para>
</note>
<para>
Next step is to turn down all interfaces based on Intel
adapters if they are running. That can be done be stopping network subsystem
that (as described in <xref linkend="subsystems"/>),
or by stopping particular interfaces
(that can be found in <xref linkend="interfaces"/>).
Also remove old module, if it is still present (<command>rmmod eepro100</command>).
</para>
<para>
Now the VLANs must be configured. Here is the real-life example:
<programlisting>
ianscfg -a -t ve1 -M NONE -V
ianscfg -a -t ve1 -m eth1 -p none
ianscfg -a -t ve1 -v eth1.40 -i 40
ianscfg -a -t ve1 -v eth1.43 -i 43
ianscfg -a -t ve1 -v eth1.44 -i 44
ianscfg -a -t ve1 -v eth1.45 -i 45
ianscfg -a -t ve1 -v eth1.46 -i 46
ianscfg -a -t ve1 -v eth1.47 -i 47
ianscfg -a -t ve1 -v eth1.48 -i 48
ianscfg -c ve1
</programlisting>
This sequence creates 7 VLANs (40, 43, 44, 45, 46, 47, 48) on eth1 adapter.
Interfaces themselves are configured in standard way,
(like in <xref linkend="vlan-software"/>), by creating description file in
<filename>/etc/sysconfig/interfaces/</filename>. E.g. for eth1.40 it could be
defined in file <filename>/etc/sysconfig/interfaces/ifcfg-eth1.40</filename>
in following way:
</para>
<programlisting>
DEVICE="eth1.40"
ONBOOT="yes"
BOOTPROTO="none"
IPADDR="192.168.0.13"
PREFIX="24"
</programlisting>
<para>
Now it's enough to bring all interfaces up. This can be accomplished with the following
procedure:
</para>
<orderedlist>
<listitem>
<programlisting>ianscfg -a -t ve1 -M NONE -V</programlisting>
<para>Create "team" named ve1 without any team-mode
(teams are discussed <xref linkend="vlan-aggregation"/>)</para>
</listitem>
<listitem>
<programlisting>ianscfg -a -t ve1 -m eth1 -p none</programlisting>
<para>Add to team ve1 interface eth1 without any priority</para>
</listitem>
<listitem>
<programlisting>ianscfg -a -t ve1 -v eth1.40 -i 40</programlisting>
<para>Add virtual interface eth1.40 working on VLAN 40 to team.</para>
</listitem>
<listitem>
<programlisting>ianscfg -c ve1</programlisting>
<para>"Commit" team ve1 (make it active).</para>
</listitem>
</orderedlist>
<para>
In this solution, system does not know anything about VLANs because
they are supported on hardware level. The disadvantage of this
solution is that VLANs must be configured first, before
interfaces could be brought up. Bringing interfaces down must
be performed in reverse order. Thus, in our example:
</para>
<programlisting>
ianscfg -d -v eth1.40
ianscfg -d -v eth1.43
ianscfg -d -v eth1.44
ianscfg -d -v eth1.45
ianscfg -d -v eth1.46
ianscfg -d -v eth1.47
ianscfg -d -v eth1.48
ianscfg -d -m eth1
ianscfg -d -t ve1
</programlisting>
<important>
<para>
When interfaces are named like in the example, the <literal>vlan</literal>
package must not be installed, otherwise rc-scripts would attempt to
additionally set up software VLANs.
</para>
</important>
</section>
<section id="vlan-aggregation">
<title>Aggregation of network cards</title>
<para>
Using e100 modules, <command>ians</command> and <command>ianscfg</command>
it is possible to make use of so-called
<emphasis>aggregation of network cards</emphasis> i.e.
multiple network adapters can be used as one device.</para>
<para>
Intel cards have 3 modes of team-work:
</para>
<variablelist>
<varlistentry>
<term>Adapter Fault Tolerance (AFT)</term>
<listitem>
<para>
Default mode. Only one card is working (called primary), while second card
waits. If primary card dies, second card replaces it.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Adaptive Load Balancing (ALB)</term>
<listitem>
<para>
Allows for sharing the load among 2-8 network cards, but only
primary receives and transmits packets.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Link Aggregation (FEC*/LA/802.3ad or GEC*/LA/802.3ad)</term>
<listitem>
<itemizedlist>
<listitem>
<para>
FEC*/LA/802.3ad (Cisco*'s Fast EtherChannel* Technology
(FEC)/Intel Link Aggregation or IEEE 802.3ad Link Aggregation)
allows for collective work of 2-8 adapters in receiving/transmitting packets.
All cards must work with the same speed and the same duplex.
Aggregation must be supported by switch and spanning tree must be
enabled.
</para>
</listitem>
<listitem>
<para>
GEC*/LA/802.3ad is a similar mode for Gigabit.
Module <literal>e1000</literal> should be used instead
of <literal>e100</literal>.
</para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
</variablelist>
<para>
Example:
</para>
<programlisting>
ianscfg -a -t ve0 -M ALB
ianscfg -a -t ve0 -m eth0 -p primary
ianscfg -a -t ve0 -m eth1 -p secondary
ianscfg -c ve0
</programlisting>
<para>Additionally, the team can handle VLANs on team.</para>
<!-- Hmm.. what does it mean? -->
</section>
</section>
</section>
</chapter>
<!-- Keep this comment at the end of the file
Local variables:
mode: xml
sgml-omittag:nil
sgml-shorttag:nil
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:2
sgml-indent-data:t
sgml-default-dtd-file:"../dbxbook4.1.2.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
sgml-declaration:nil
sgml-validate-command:"rxp -sxV %s %s"
sgml-parent-document:("PLD-Guide.xml" "book" "section")
End:
-->
View Git Blame Copy Permalink