Sunday, June 27, 2010

Setting up VLAN on Ubuntu 9.10

VLAN has an important role at enterprise networks. If your company is medium to high size it could benefit from vlan feature.

In this post I'll talk about how to set up VLAN on Ubuntu and Debian. If you don't know what is VLAN or would like more basic information how VLAN works on linux, read this post

Don't forget to have vlan working well, you kernel must support it and your system should have vlan tools installed.

In your system, open the interfaces file
sudo nano /etc/network/interfaces

As you can see there are some interfaces defined like lo or eth0

Edit the file typing the following text doing the necessary changes for your environment.
Put the following text at the end of the file

sudo nano /etc/network/interfaces

# ---------------------beginning of the file -------------------------------#
auto vlan10
auto vlan100

# VLAN 10
iface vlan10 inet static
mtu 1500
vlan_raw_device eth0

# VLAN 100
iface vlan100 inet static
mtu 1500
vlan_raw_device eth0

#------------------------- enf of the file -----------------------------------#

Save the file and restart the network interfaces

sudo /etc/init.d/networking restart

check if the NIC is communicating. Try to ping some host at the same VLAN.tag

I've seen many distributions where after the networking restart, they show some error saying the module for 802.1Q support must be loaded first. The case is I've never had to load that module in new distros, it's just a warning. You could check if the module is loaded typing

# lsmod |grep 8021q

If you see something like:

8021q                20832 0
then, the module is attached to kernel. Good news !

Well, any questions about it, any problem, send me a comment. I appreciate.

VLAN on Linux

VLAN is a logical LAN, it means you should have different Virtual LANs on a single "Real" LAN. Local Area Network is very very popular nowadays since the 90's and since that time these networks have grown to the point their management became a headache.

The solution: "Virtual LANs" defined on network switches. The standard for VLAN was defined by IEEE like many other standards. Of course there are other vlan standards stablished by Cisco but 802.1Q from IEEE is the most common. The major of swtiches manufactures have been supported this standard since some years ago and probably if you bye a new one, it must have 802.1Q support if it has management feature.

With different VLANs your network could be dived for example between departments using one single switch. The advantages to have the network divided are: data and broadcast packages from a different VLAN can't go to another, increasing the Ehernet protocol efficiency. Since both VLANs can't see ethernet packets from the other virtual lan, to communicate these vlans with each other you should have a router with one of its network interfaces using both VLAN tags ID to see the packets and stablish a route to each other. 802.1Q uses a 4 bytes into the header of the Ethernet frame and 12 bit from these bytes to identify a specific VLAN.

In certain situations, you could need a single server network interface or even a desktop interface to work using VLAN, for example, to make a router using Linux ! This is the cheapest way to go VLAN

To have Linux working with it you must have kernel support and vlan tools. Most of recent linux distributions have support in the kernel and also have the packages available. Ubuntu 9.10 and later have it. If you have a different distribuition, please check for kernel version

First get the kernel version your system are using
sudo uname -a

If you got a version 2.6.29 or upper, your system support vlan.

That is the kernel version I was using in the time I was writing this tutorial. 2.6.31-22-generic-pae SMP

Let's install vlan now the vlan package.

On Ubuntu or Debian type:

sudo apt-get install vlan

If you're using Fedora, Centos or RHEL, type using root account:

yum install vlan

Setting up VLANs

now you have vlan package installed, it's time to create some vlans.
With vlan support into linux kernel you don't need vconfig anymore. This command is deprecated. If you see any tutorial using it, it's old and should be avoided.

To do this tutorial as a whole you must have two computers connected to each other by cable or a network switch with VLAN tag support and then set it up some ports to work using a specific vlan id (tag).
These experiments could be done using Ubuntu live CD on the two computers but you could set up windows in one of the machines since some NICs have 802.1Q support and have an option usually in the advanced configuration from the card.

Our Scenario:
VLAN  tag 10
VLAN tag  12

A laptop using Via Rhino II Fast Ethernet Card  called computer1
A desktop computer using Intel Pro/100 VE Network card  ( it has auto sense then you don't need a crossover cable to connect each other, just a simple utp cable), this will be called computer2

With both computer connected to each other let's create the first vlan.

Computer1's console

sudo   ip link add link eth0 name eth0.10 type vlan id 10
sudo ip link add link eth0 name eth0.12 type vlan id 12

Now, define IP addresses for the two devices created:
sudo ipconfig eth0.10 netmask up
sudo ipconfig eth0.12 netmask up

Now, at the Computer2

sudo ip link add link eth0 name eth0.10 type vlan id 10
sudo ip link add link eth0 name eth0.12 type vlan id 12 

sudo ipconfig eth0.10 netmask up
sudo ipconfig eth0.12 netmask up

Now we should have communication between the two computers. You could send some ICMP packets from one to the other

Computer1 console:

# ping

# ping

If everything is correct, you must see ping packets echoing.

Well, there are so many ways to do the same. Linux has many commands. In another port I'll show what you can do more with VLANs.

Saturday, June 26, 2010

Quick Post - Installing Gnome window manager in Ubuntu Server 9.10

To help people reading my posts here in the blog and need further information to complete those tutorials in the posts, I'm going to post the Quick Post. My intenntion is to provide short information and tweaks about the themes.

Well, let's start the first quick post. I'll explain how to install Gnome desktop on Ubuntu Server 9.10.
You could ask me why don't you use Ubuntu Desktop ? In fact I use it on my desktop. The purpose to have an window manager like gnome in the server is to perform some specific tasks impossible to do by command line.
Let me explain that. For example: to create a new Virtualbox virtual machine you need an window manager supported by virtualbox software.
 In the future I could post more examples about features and resources only available over window manager like Gnome or KDE.
Of course the objetive for this post is also support further readings and articles I'll post here in the blog.

Installing Gnome in Ubuntu Server 9.10

Having installed Ubuntu server as usual with only the command line available follow these steps:
  1. sudo apt-get install linux-headers-$(uname -r) build-essential ubuntu-desktop
  2. sudo dpkg-reconfigure xserver-xorg
  3. sudo /etc/init.d/gdm start
If everything acurred as usual, you should see Gnome login window. Enter your login and password information and you have finished !!

If something is wrong, check error logs in /var/logs/X11 directory or /var/log. Look for Xorg.0.log. Also in /var/log read the messages file and look for some X11 errors.

One of the most known problemas about window manager is misconfiguration for the video card. Sometimes you can fix them using apt-cache search < card's name > For example apt-cache search nvidia. It will show us drivers for nvidia cards. The same could happen with intel cards, onboard chipsets or other brands. Don't forget, look first using apt-cache. If you still couldn't find it, check for vendor specific information using the command: I you found a package for your card you're lucky , now we are going to the easiest part: get the package's name and type

# apt-get install

# lspci
It will show every pci card information

Then, with the card's model you can find drivers at the vendor's webste and read more information about how to install it.

my first post - Goals

this post intend to show up my goals here in this blog.

I appreciate every comment about the content here. Please send me suggestions about softwares and technologies you and your company would like in a review.

Like any human I also have my limitations and I could make a mistake eventually. Please correct me if there's something wrong here in the posts !

At this time I'm planning the following contents:

  • Virtualization on linux - What's the best for companies ?
  • Asterisk and variations- Low and efficient telephony using Voip
  • What you should do to keep your network secure
  • Backup solutions