Set up a VLAN - something's not right

Discussion in 'Technical' started by Kronz, Oct 7, 2017.

  1. Kronz

    Kronz Member

    So, I have set up a virtual network adapter in the OS, macvlan0 with its own MAC and DHCP-configured IP.
    I also bought a Web Managed Smart Switch - Repotect RP 1008W.

    How do I set up the VLAN so that the IP address assigned to the virtual network adapter macvlan0 is pingable from the outside world ? I tried a few configurations, but they all failed, as I don't really understand VLAN's.

    Please help.
     
  2. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    you likely have some kind of firewall running or there's no route from one to the other subnet.
    check wether there is any firewall blocking ICMP traffic and allow that or check that your outside device has a route to your gateway connecting things together.

    I don't know your setup nor the switch you mentioned, would've read the manual for how to check/do that or look at the setup pages
     
  3. Kronz

    Kronz Member

    The firewall within ISPConfig has been configured to use this IP.

    Something strange happens when I activate the macvlan0 interface. The machine stops responding to PING and can't ping anyone.

    All sites deployed on the machine remain accessible, though.

    Here is my /etc/network/interfaces file

    Code:
      1 # This file describes the network interfaces available on your system
      2 # and how to activate them. For more information, see interfaces(5).
      3
      4 source /etc/network/interfaces.d/*
      5
      6 # The loopback network interface
      7 auto lo
      8 iface lo inet loopback
      9
    10 # The primary network interface
    11  auto eno1
    12  iface eno1 inet dhcp
    13  hwaddress ether 70:F3:95:0E:13:8A
    14
    15 # Second IP address, we need to set the MAC as well for DHCP to work.
    16 # iface macvlan0 inet dhcp
    17 # pre-up ip link add macvlan0 link eno1 type macvlan mode passthru
    18 # hwaddress ether 60:F3:95:0E:13:8A
    19 # auto macvlan0
    ~                          
    Edit: setting macvlan0 to mode bridge solves the ping problem but the IP assigned by DHCP to the virtual interface is still un-pingable from outside
     
    Last edited: Oct 7, 2017
  4. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    haven't thought this one out well but it may be easier to just do try and error on those, oh are you using different networks btw?

    did you play around with
    Code:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    echo 1 > /proc/sys/net/ipv4/conf/all/accept_redirects
    echo 1 > /proc/sys/net/ipv4/conf/all/send_redirects
    
    or
    echo 1 > /proc/net/ipv4/conf/all/secure_redirects
    
    echo 1 > /proc/net/ipv4/conf/default/forwarding 
    echo 1 > /proc/net/ipv4/conf/all/forwarding 
    
    don't ask me about that, if I need that I usually look things up until I found my settings save them and tend to forget about stuff since it's documented already ;)
     
  5. Kronz

    Kronz Member

    That's what I do, but Google returns no useful info on my problem.

    Let me explain again what my problem is.

    1. There is the Smart Web Switch.
    2. There is the PC

    Since my ISP doesn't allow me to do IP aliasing and uses DHCP to assign IP's, I use MACVLAN inside the PC's OS to create multiple VLAN interfaces, each with its own MAC, and the ISP assigns them IP's by DHCP.

    There are no different networks. It's a single PC behind a smart web switch, pretending to have multiple network interfaces, so it can have multiple IP's, because IP aliasing doesn't work on my network.

    I hope this makes it more clear now.
     
  6. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    I see, you have created a bridge with the members eno1 and macvlan0 making macvlan0 responsible for traffic virtually and eno1 physically?
    how are your other virtual interfaces set up? eno1 shouldn't have an IP, it won't be used / isn't reachable imho.

    for example I have
    Code:
    iface eth0 inet manual
    
    auto vmbr0
    iface vmbr0 inet static
        address  10.20.30.25
        netmask  255.255.255.0
        gateway  10.20.30.1
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0
        up ip route add 10.20.30.26/32 dev vmbr0
        up ip route add 10.20.30.27/32 dev vmbr0
        up ip route add 10.20.30.28/32 dev vmbr0
        up ip route add 10.20.30.29/32 dev vmbr0
    
    where the different up ip route things could aswell be virtual interfaces like

    Code:
    iface vmbr0:1  ...
    hwaddress ...
    
    however I'd need to do some testing, never had the possibility to play with vlan yet though it's something I'd like to do for a very long time. so I don't know if this answers is remotly helpful :/
     

Share This Page