Solved

Linux NFS boot (nfsroot) and VLAN

Posted on 2009-05-11
4
1,211 Views
Last Modified: 2013-12-02
Hi experts,

imagine the following implementation:
- NFS server on private LAN, vlan 5 on the switch's port
- Linux server, with system NFS share and getting kernel through tftp as part of the nfsroot process, vlan 5 for private IP address and vlan 15 and 20 on public IP ranges.

NFS client interfaces configuration is like :
- eth0 with private IP address
- vlan15 using raw-device-id eth0, with one public IP address
- vlan20 using raw-device-id eth0, with one public IP address on another range

From the Foundry point of view, the port of the nfs client is tagged on vlan 5, 15 and 20, dual-mode on vlan 5 (please translate to Cisco if needed)

The problem is that when the nfs client boots, he can't mount the NFS share to get its system space unless its switch's port is "no tagged" for vlan 15 and 20 (which needs to be tagged again in order to reach the world).
In fact, he can't even get DHCP answer at that time (well, the DHCP request doesn't reach the DHCP server).
Another nfs client which doesn't need vlan other than 5 (only on private network) can boot without any trouble.

I guess that's because there is no way to tell the kernel "hey dude, use vlan5" while booting.
Is that correct?
Why doesn't use the vlan specified on the dual-mode option of the switch's port?
Is there any workaround?

By the way, how do YOU use vlans on your network?

Thanks for your help.
0
Comment
Question by:Alf92130
  • 2
  • 2
4 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 24361951
AFIR on cisco switches(at least 29xx) You can tell port to tag untagged frames with default vlan id, in Your case it's 5. What's the switch, and what's the port config?

> I guess that's because there is no way to tell the kernel "hey dude, use vlan5" while booting.
Actually You probably could hack the initrd to init eth on vlan5, but it's not kernel who asks for DHCP and kernel+initrd via tftp - right?
0
 
LVL 1

Author Comment

by:Alf92130
ID: 24362329
Hi ravenpl, thanks for replying!

The switch is a Foundry FastIron II, port is tagged on vlan 5, 15 and 20 with "dual-mode 5", meaning "untagged frames go through vlan 5", I guess it's like the 29XX+ feature.
(http://www.foundrynetworks.co.jp/services/documentation/sribcg/VLANs.html#33633)
At that point I thought it should work but didn't. I wish I could blame Foundry but I won't yet.

>Actually You probably could hack the initrd to init eth on vlan5, but it's not kernel who asks for DHCP
> and  kernel+initrd via tftp - right?
Mhh I don't think I use initrd at all for the moment and I don't know it that much, any hint could be appreciated =)
Indeed, PXE asks for DHCP and kernel via tftp, thanks for pointing that out. I'm gonna check if there is any VLAN option in PXE configuration ...
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 24362937
> Mhh I don't think I use initrd at all
They always come in twos, the master kernel and the apprentice initramfs <lol> Check out the tftp dir...
0
 
LVL 1

Accepted Solution

by:
Alf92130 earned 0 total points
ID: 24413286
Of course, PXE doesn't provide the option.
Anyway, we decided to cancel this project and went back on a non-tagged vlan.

If anyone still got the answer, I hope he can post it, but I'm gonna close this question.
ravenpl> thanks for your participation, I'll give you some points for that.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction People like FTP.  It's a solid, stable, robust protocol for quickly transferring files between two hosts using TCP/IP.  In most cases it's much faster than SMB or CIFS, and certainly much easier to set up between organizations.  This…
If, like me, you have a lot of Dell servers in the estate you manage this article should save you a little time. When attempting to login to iDrac on any server I would be presented with two errors. The first reads "Do you want to run this applicati…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question