?
Solved

Linux NFS boot (nfsroot) and VLAN

Posted on 2009-05-11
4
Medium Priority
?
1,235 Views
Last Modified: 2013-12-02
Hi experts,

imagine the following implementation:
- NFS server on private LAN, vlan 5 on the switch's port
- Linux server, with system NFS share and getting kernel through tftp as part of the nfsroot process, vlan 5 for private IP address and vlan 15 and 20 on public IP ranges.

NFS client interfaces configuration is like :
- eth0 with private IP address
- vlan15 using raw-device-id eth0, with one public IP address
- vlan20 using raw-device-id eth0, with one public IP address on another range

From the Foundry point of view, the port of the nfs client is tagged on vlan 5, 15 and 20, dual-mode on vlan 5 (please translate to Cisco if needed)

The problem is that when the nfs client boots, he can't mount the NFS share to get its system space unless its switch's port is "no tagged" for vlan 15 and 20 (which needs to be tagged again in order to reach the world).
In fact, he can't even get DHCP answer at that time (well, the DHCP request doesn't reach the DHCP server).
Another nfs client which doesn't need vlan other than 5 (only on private network) can boot without any trouble.

I guess that's because there is no way to tell the kernel "hey dude, use vlan5" while booting.
Is that correct?
Why doesn't use the vlan specified on the dual-mode option of the switch's port?
Is there any workaround?

By the way, how do YOU use vlans on your network?

Thanks for your help.
0
Comment
Question by:Alf92130
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 24361951
AFIR on cisco switches(at least 29xx) You can tell port to tag untagged frames with default vlan id, in Your case it's 5. What's the switch, and what's the port config?

> I guess that's because there is no way to tell the kernel "hey dude, use vlan5" while booting.
Actually You probably could hack the initrd to init eth on vlan5, but it's not kernel who asks for DHCP and kernel+initrd via tftp - right?
0
 
LVL 1

Author Comment

by:Alf92130
ID: 24362329
Hi ravenpl, thanks for replying!

The switch is a Foundry FastIron II, port is tagged on vlan 5, 15 and 20 with "dual-mode 5", meaning "untagged frames go through vlan 5", I guess it's like the 29XX+ feature.
(http://www.foundrynetworks.co.jp/services/documentation/sribcg/VLANs.html#33633)
At that point I thought it should work but didn't. I wish I could blame Foundry but I won't yet.

>Actually You probably could hack the initrd to init eth on vlan5, but it's not kernel who asks for DHCP
> and  kernel+initrd via tftp - right?
Mhh I don't think I use initrd at all for the moment and I don't know it that much, any hint could be appreciated =)
Indeed, PXE asks for DHCP and kernel via tftp, thanks for pointing that out. I'm gonna check if there is any VLAN option in PXE configuration ...
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 24362937
> Mhh I don't think I use initrd at all
They always come in twos, the master kernel and the apprentice initramfs <lol> Check out the tftp dir...
0
 
LVL 1

Accepted Solution

by:
Alf92130 earned 0 total points
ID: 24413286
Of course, PXE doesn't provide the option.
Anyway, we decided to cancel this project and went back on a non-tagged vlan.

If anyone still got the answer, I hope he can post it, but I'm gonna close this question.
ravenpl> thanks for your participation, I'll give you some points for that.
0

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question