Configure VLAN on top of network team using nmcli / NetworkManager

This post is almost similar as the previous where I created a team with two network nics as members using NetworkManager nmcli from a console. This time I have added a VLAN on top of my LACP network team with two member nics.

First we need to install the teamd package if it is not already installed.

# yum install teamd

Using the console command nmcli and NetworkManager and a json-config file with the default config for the team, filename team-master-conf.json:

{
        "runner":       {
                "active": true,
                "fast_rate": true,
                "name": "lacp",
                "tx_hash": [ "eth", "ipv4" ]
        },
        "tx_balancer":  { "name": "basic" },
        "link_watch":   { "name": "ethtool" }
}
# nmcli con add type team con-name team0 ifname team0 config team-master-conf.json
# nmcli con add type team-slave con-name team0-em1 ifname em1 master team0
# nmcli con add type team-slave con-name team0-em2 ifname em2 master team0

I have not added an IP-address to the new team since I will add that on the VLAN interface.

Check the status of the team

# nmcli con status
NAME               UUID                                  TYPE            DEVICE
team0              7f0c0038-b8c1-45bb-a286-501d02304700  team            team0
team0-em1          0394e2ae-6610-4997-92db-775876866d0d  802-3-ethernet  em1
team0-em2          7050d641-83bb-497a-ae23-6af029386117  802-3-ethernet  em2

Check the state of the team

# teamdctl team0 state
setup:
  runner: lacp
ports:
  em1
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 1
    runner:
      aggregator ID: 12, Selected
      selected: yes
      state: current
  em2
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 0
    runner:
      aggregator ID: 12, Selected
      selected: yes
      state: current
runner:
  active: yes
  fast rate: yes

Add a VLAN to the network team

# nmcli con add type vlan con-name team0-vlan12 dev team0 id 12 ip4 10.1.0.20/24 gw4 10.1.0.1

The new config looks like this

# nmcli con s | grep team
team0              7f0c0038-b8c1-45bb-a286-501d02304700  team            team0
team0-vlan12       d5de0d83-d490-4535-915c-4cbdcf39830b  vlan            team0.12
team0-em1          0394e2ae-6610-4997-92db-775876866d0d  802-3-ethernet  em1
team0-em2          7050d641-83bb-497a-ae23-6af029386117  802-3-ethernet  em2

This config is confirmed working on RHEL 7.4 and Centos.
I assume the switch is configured as needed before starting this config on the server.

Configure network team using nmcli / NetworkManager

This is a short post on how to create a LACP network team with two member nics using NetworkManager and nmcli. Configuring av network team is very similar to creating a bond.

First we need to install the teamd package if it is not already installed.

# yum install teamd

I have also included a json-config file with the default config for the team, filename team-master-conf.json:

{
        "runner":       {
                "active": true,
                "fast_rate": true,
                "name": "lacp",
                "tx_hash": [ "eth", "ipv4" ]
        },
        "tx_balancer":  { "name": "basic" },
        "link_watch":   { "name": "ethtool" }
}
# nmcli con add type team con-name team0 ifname team0 config team-master-conf.json ip4 10.0.0.10/24 gw4 10.0.0.1
# nmcli con add type team-slave con-name team0-em1 ifname em1 master team0
# nmcli con add type team-slave con-name team0-em2 ifname em2 master team0

Check the status of the team

# nmcli con status
NAME               UUID                                  TYPE            DEVICE
team0              7f0c0038-b8c1-45bb-a286-501d02304700  team            team0
team0-em1          0394e2ae-6610-4997-92db-775876866d0d  802-3-ethernet  em1
team0-em2          7050d641-83bb-497a-ae23-6af029386117  802-3-ethernet  em2

Check the state of the team

# teamdctl team0 state
setup:
  runner: lacp
ports:
  em1
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 1
    runner:
      aggregator ID: 12, Selected
      selected: yes
      state: current
  em2
    link watches:
      link summary: up
      instance[link_watch_0]:
        name: ethtool
        link: up
        down count: 0
    runner:
      aggregator ID: 12, Selected
      selected: yes
      state: current
runner:
  active: yes
  fast rate: yes

Some NetworkManager basics

Take down a network interface

# nmcli con down em1

Take up a network interface

# nmcli con up em1

Delete a network interface

# nmcli con delete em1

Add a new network device

# nmcli con add em1

This config is confirmed working on RHEL 7.4 and Centos.

I assume the switch is configured as needed before starting this config on the server.

Installing Open vSwitch on CentOS 7

This post describes how to install the most recent version of Open vSwitch (ovs) on CentOS 7 and might be the base for future posts about using KVM as virtualization platform.

openvswitch-diagramOpen vSwitch is a production quality open source software switch designed to be used as a vswitch in virtualized server environments. A vswitch forwards traffic between different VMs on the same physical host and also forwards traffic between VMs and the physical network.

Install the needed packages (as root user)

# yum -y install wget openssl-devel kernel-devel

Install development tools

# yum groupinstall "Development Tools"

Add a ovswitch user

# adduser ovswitch

Download and unpack the openvswitch source code (as ovswitch user)

$ su - ovswitch
$ mkdir -p ~/rpmbuild/SOURCES
$ cd ~/rpmbuild/SOURCES
$ wget http://openvswitch.org/releases/openvswitch-2.3.1.tar.gz
$ tar xfz openvswitch-2.3.1.tar.gz

We will modify the openvswitch spec-file and use the kernel module CentOS provides instead of creating a new one.

$ sed 's/openvswitch-kmod, //g' openvswitch-2.3.1/rhel/openvswitch.spec > openvswitch-2.3.1/rhel/openvswitch_no_kmod.spec

Create a RPM-file to ease future package operations like upgrade

$ rpmbuild -bb --nocheck ~/openvswitch-2.3.1/rhel/openvswitch_no_kmod.spec
$ exit

Now is the time to install the RPM-package (as root)

# yum localinstall /home/ovswitch/rpmbuild/RPMS/x86_64/openvswitch-2.3.1-1.x86_64.rpm

If you have not disabled SElinux then you will see the following SELinux issues when you try to start the openvswitch service

install: cannot change owner and permissions of ‘/etc/openvswitch': No such file or directory and Creating empty database /etc/openvswitch/conf.db ovsdb-tool: I/O error: /etc/openvswitch/conf.db: failed to lock lockfile (No such file or directory)

This is one way to fix this issue

# mkdir /etc/openvswitch
# semanage fcontext -a -t openvswitch_rw_t "/etc/openvswitch(/.*)?"
# restorecon -Rv /etc/openvswitch

We are now ready to start the openvswitch service

# service openvswitch start
# chkconfig openvswitch on

Verify that we have installed openvswitch and that it is available

# virsh version
Compiled against library: libvirt 1.2.8
Using library: libvirt 1.2.8
Using API: QEMU 1.2.8
Running hypervisor: QEMU 1.5.3
# lsmod |grep openvswitch
openvswitch            70611  0 
gre                    13796  1 openvswitch
vxlan                  37409  1 openvswitch
libcrc32c              12644  2 xfs,openvswitch
# ovs-vsctl show
...
    Bridge "ovsbr1"
        Port "ovsbr1"
            Interface "ovsbr1"
                type: internal
    Bridge "ovsbr0"
        Port "enp0s25"
            Interface "enp0s25"
        Port "ovsbr0"
            Interface "ovsbr0"
                type: internal
    ovs_version: "2.3.1"

We are now ready to create a network bridge, but that will (maybe) be described in a future post of mine.

Using the USB31000SPTB (AX88179) on CentOS 6.5

This post is a short HOWTO and describes how to get the Startech USB31000SPTB network adapter working on CentOS 6.5. USB31000SPTB uses the AX88179 chipset and is a USB3.0 to 10/100/1000M Gigabit Ethernet Controller.  This adapter works without any modifications on Ubuntu 13.10 and 14.04 LTS.

I am using kernel version 2.6.32-431.17.1.el6.x86_64 in this post

Use the root user if sudo is unavailable.

Steps taken to download, compile and install the Axis kernel module

  1. Download the Axis linux kernel driver from http://www.asix.com.tw/products.php?op=pItemdetail&PItemID=131;71;112. I downloaded the Linux kernel 3.x/2.6.x Driver V1.10.0 2014-04-22 For Android 1.x/2.x/3.x/4.x, Linux kernel 2.6.25 and later. The file downloaded was named AX88179_178A_LINUX_DRIVER_v1.10.0_SOURCE.tar.bz2
  2. Install the build tools
    $ sudo yum groupinstall “Development Tools”
  3. Install the kernel headers
    $ sudo yum install kernel-headers
  4. Unpack the Axis kernel driver
    $ tar xfj AX88179_178A_LINUX_DRIVER_v1.10.0_SOURCE.tar.bz2
    $ cd AX88179_178A_LINUX_DRIVER_v1.10.0_SOURCE
  5. Compile and install the Axis AX88179 kernel module
    $ make
    $ sudo make install
    The kernel module is now compiled and available in the /lib/modules/2.6.32-431.17.1.el6.x86_64/kernel/drivers/net/usb folder.
    $ cd /lib/modules/2.6.32-431.17.1.el6.x86_64/kernel/drivers/net/usb
    $ sudo chmod u+x ax88179_178a.ko
  6. The Axis module is now available on the system but not enabled. The easiest way to test it is to perform a reboot or you can modprobe usbnet and insmod ax88179_178a.ko kernel module

Network adapter eth0 is now available and ready to be used.
Enjoy!

Transfer files fast between servers using netcat and tar

This is a short post on how you can transfer files unsecured but fast between linux servers. I prefer to use netcat (nc) to transfer large amounts of data between servers when I know the connection between them are secure, ie on my private LAN.

The sender server should run the following command

$ tar cf - folder | netcat 192.168.0.1 9000

and the receiveing server should listen with with this command

$ netcat -l -p 9000 | tar x