
Using VLANs with Hoster

Open n1ete opened this issue 7 months ago • 6 comments

I tried to make VLANs work like this, without connectivity success so far. The ix0 interface is an unused NIC connected to a trunk port with multiple tagged VLANs.

cat /etc/rc.conf

ifconfig_ix0="up"
vlans_ix0="1011"

ifconfig ix0
ix0: flags=1008943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
 options=4e53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6,HWSTATS,MEXTPG>
	ether a1:12:6f:f8:ef:f9
	media: Ethernet autoselect (1000baseT <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

ifconfig ix0.1011
ix0.1011: flags=1008942<BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
	options=4600303<RXCSUM,TXCSUM,TSO4,TSO6,RXCSUM_IPV6,TXCSUM_IPV6,MEXTPG>
	ether a1:12:6f:f8:ef:f9
	groups: vlan
	vlan: 1011 vlanproto: 802.1q vlanpcp: 0 parent interface: ix0
	media: Ethernet autoselect (1000baseT <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

After hoster init the vm-testnet interface looks like this:

ifconfig vm-testnet
vm-testnet: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
	options=0
	ether 55:8d:f3:10:ff:af
	id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
	maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
	root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
	member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	        ifmaxaddr 0 port 17 priority 128 path cost 2000
	member: ix0.1011 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	        ifmaxaddr 0 port 10 priority 128 path cost 20000
	groups: bridge
	nd6 options=9<PERFORMNUD,IFDISABLED>

cat /opt/hoster-core/config_files/network_config.json

...
    {
        "network_name": "testnet",
        "network_gateway": "10.1.1.1",
        "network_subnet": "10.1.1.0/24",
        "network_range_start": "10.1.1.100",
        "network_range_end": "10.1.1.140",
        "bridge_interface": "ix0.1011",
        "apply_bridge_address": false,
        "comment": "External testnetwork"
    },

Is there an option to define networks with 802.1Q tagging in the Hoster network_config.json directly?

n1ete, May 01 '25 22:05

You can't specify the VLAN tag directly in the JSON config (maybe I'll add it as an option, we'll see), but here is how I work around it (all the VLANs in question must be of type tagged for this to work, as tap interfaces on FreeBSD don't like being bridged to the untagged/native VLANs).

Add the VLANs to your rc.conf or use ifconfig to configure them "on-the-fly":

defaultrouter="192.168.10.254"
ifconfig_bge0="up"
vlans_bge0="10 20"
ifconfig_bge0_10="inet 192.168.10.10 netmask 255.255.255.0"
ifconfig_bge0_20="inet 192.168.20.10 netmask 255.255.255.0"

Then modify your network_config.json to look like so:

{
    "network_name": "lan20",
    "network_gateway": "192.168.20.254",
    "network_subnet": "192.168.20.0/24",
    "network_range_start": "192.168.20.100",
    "network_range_end": "192.168.20.120",
    "bridge_interface": "bge0.20",
    "apply_bridge_address": false,
    "comment": "VLAN 20"
},
{
    "network_name": "lan10",
    "network_gateway": "192.168.10.254",
    "network_subnet": "192.168.10.0/24",
    "network_range_start": "192.168.10.100",
    "network_range_end": "192.168.10.120",
    "bridge_interface": "bge0.10",
    "apply_bridge_address": false,
    "comment": "VLAN 10"
}

So you are on the right track, just don't forget to run network init to apply the changes on the Hoster end:

hoster network init

network init creates the missing bridges which are present in the JSON config, but aren't present on the system.

yaroslav-gwit, May 02 '25 00:05

Thanks, so my config is basically the same, except that I don't want to give Hoster an IP address on the VLANs, so I leave out this part for my interfaces:

ifconfig_bge0_10="inet 192.168.10.10 netmask 255.255.255.0"
ifconfig_bge0_20="inet 192.168.20.10 netmask 255.255.255.0"

Does HosterCore expect to have an IP address assigned?

n1ete, May 02 '25 12:05

No, it doesn't. I've got a setup similar to that. One VLAN interface has an IP address on it, the other one doesn't - and everything works just fine.

But like I said before (and sorry if I wasn't clear on this) - the interface on the switch can't have any untagged/native VLANs, otherwise it won't work. I don't know why that's the case - but it's something I've learned about FreeBSD/bhyve in practice.

yaroslav-gwit, May 02 '25 14:05

> But like I said before (and sorry if I wasn't clear on this) - the interface on the switch can't have any untagged/native VLANs, otherwise it won't work. I don't know why that's the case - but it's something I've learned about FreeBSD/bhyve in practice.

Yes, as mentioned in my first post, this is exactly how I configured it: on a separate unused NIC connected to a trunk port on the switch with only tagged VLANs.

With a pfctl -d I can rule out firewall problems, I assume?

n1ete, May 02 '25 16:05

Yeah, you could try disabling the pf. Also, check if the hoster-testnet network is up (after running hoster network init).

yaroslav-gwit, May 02 '25 19:05

Solved it by defining my VLANs like this:

vlans_ix0="vlan1011"
create_args_vlan1011="vlan 1011 vlanproto 802.1Q"
ifconfig_vlan1011="up"
ifconfig_ix0="up"

Is there a "Hoster" way to log in to jails, btw? Right now I am using jexec -U root $JAILNAME

Thanks again for this interesting VM/container management tool. Is there a good way to find out about the undocumented features in Hoster somehow? Assuming there are some? :D

n1ete, May 04 '25 15:05
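
A check for the state visible in the outputs above, as an added example that is not part of the thread or of Hoster: the `ifconfig ix0.1011` output in the first post lists no `UP` flag, while the configuration that finally worked sets `ifconfig_vlan1011="up"`. The names `vlan_status`, `sample_posted` and `sample_up` are hypothetical, and the thread does not confirm that the missing flag was the cause.

```sh
#!/bin/sh
# Added example (not from the thread or from Hoster): verify that a VLAN
# interface named as "bridge_interface" is UP and carries the expected tag.

# vlan_status EXPECTED_TAG   -- reads `ifconfig <iface>` output on stdin.
# Prints "<iface> up=<yes|no> tag=<n> parent=<if>" and returns 0 only when
# the interface is administratively UP and tagged with EXPECTED_TAG.
vlan_status() {
    awk -v want="$1" '
        NR == 1 {
            name = $1; sub(/:$/, "", name)
            # Flag names sit between "<" and ">"; compare whole names so
            # that LOWER_UP is not mistaken for UP.
            flags = $0
            sub(/^[^<]*</, "", flags); sub(/>.*/, "", flags)
            n = split(flags, f, ",")
            up = "no"
            for (i = 1; i <= n; i++) if (f[i] == "UP") up = "yes"
        }
        $1 == "vlan:" {
            tag = $2
            for (i = 1; i < NF; i++) if ($i == "interface:") parent = $(i + 1)
        }
        END {
            printf "%s up=%s tag=%s parent=%s\n", name, up, tag, parent
            exit !(up == "yes" && tag == want)
        }'
}

# Sample input: lines copied from the `ifconfig ix0.1011` output in the first post.
sample_posted() {
    cat <<'EOF'
ix0.1011: flags=1008942<BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
	groups: vlan
	vlan: 1011 vlanproto: 802.1q vlanpcp: 0 parent interface: ix0
	status: active
EOF
}

# Constructed variant: the same interface with the UP flag added.
sample_up() {
    sample_posted | sed '1s/<BROADCAST/<UP,BROADCAST/'
}

# On a host: ifconfig ix0.1011 | vlan_status 1011
sample_posted | vlan_status 1011 || echo "  -> interface is not UP or has the wrong tag"
sample_up | vlan_status 1011 && echo "  -> ready to be a bridge member"
```

Running the same check against each `bridge_interface` after `hoster network init` also confirms that a VM network is attached to the intended tagged VLAN rather than to a different segment on the trunk.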

I am glad you were able to solve the VLAN issues 👍 There is no jexec wrapper yet, but I definitely wanted to create one. So for now use the native jexec method to get into Jails 😅

All CLI based stuff is contained in this folder:

/HosterCore/cmd/

You could just browse the files and look at the commands and options available. Also, there is an API with always up-to-date Swagger docs:

HosterCore/tree/main/internal/app/rest_api_v2

Or you can visit the HTTP endpoint directly to check the OpenAPI/Swagger docs (the last slash is important):

http://<hoster_ip_or_hostname>:3000/api/v2/swagger/docs/

yaroslav-gwit, May 06 '25 09:05