3

I have a server with multiple adapters in a bond, bond0.

I am not sure (even after extensive research) how to bring up the bond0 device without an IP address. I want the VLANs to use bond0, but not have an untagged interface on the server.

auto eth0
iface eth0 inet manual
        bond-master bond0
auto eth1
iface eth1 inet manual
        bond-master bond0
auto bond0
iface bond0 inet static
        address 192.168.1.100
        netmask 255.255.255.0
        network 192.168.1.0
        bond-slaves none
        bond-miimon 100
        bond-mode 802.3ad
auto vlan50
iface vlan50 inet static
        address 192.168.248.241
        netmask 255.255.255.0
        network 192.168.248.0
        vlan-raw-device bond0

The above configuration works, and works fine, except bond0 has an address that is not on a tagged vlan.

The switch is setup correctly. The VLAN works fine. The server is a member of multiple VLANs, the configuration above is simplified as the rest of the configuration has nothing to do with my issue.

Yes, I could just throw a dummy address into the bond0 interface, but that doesn't seem as clean to me.

I tried following:

https://wiki.debian.org/NetworkConfiguration#Bringing_up_an_interface_without_an_IP_address

but, this didn't work and left the bond0 unconfigured and therefore no network connectivity.

OS: Ubuntu 14.04.2 LTS

JTWOOD
  • 328
  • 1
  • 6
  • 15

2 Answers2

2

I would presume something like this should work:

auto lo
iface lo inet loopback

auto bond0
iface bond0 inet static
   pre-up ifconfig     bond0 up
   pre-up ifenslave    bond0 eth0 || /bin/true
   pre-up ifenslave    bond0 eth1 || /bin/true

   down   ifenslave -d bond0 eth0 || /bin/true
   down   ifenslave -d bond0 eth1 || /bin/true

auto bond0.50
iface bond0.50 inet static
   address 192.168.248.241
   netmask 255.255.255.0
   network 192.168.248.0
Jeroen
  • 1,341
  • 7
  • 16
1

I don't know the details of the network configuration files of recent Debian releases, but you should achevie what you want following these steps:

  1. remove base interface (bond0) IP using the command "ip addr flush dev bond0" or "ifconfig bond0 ip 0.0.0.0"
  2. insert an iptables rules that drop any traffic coming from the untagged interface (bond0) using the command "iptables -I INPUT 1 -i bond0 -j DROP"

Anyway, it is probably easier to configure the switch to drop all untagged traffic coming to/from the specific network ports used for bonding.

shodanshok
  • 47,711
  • 7
  • 111
  • 180
  • I know I could do this, but it seems frustrating I can't just do it the way I want to. If it were a regular interface without the bonding, it would be simple enough to do, but that method seems to not work with the bond. Probably something to do with the way the bonding interface comes up in the scripts according to the parameters in the interfaces file. I'll dabble around with it some more and give further insight. Not quite the answer I was looking for as far as the bounty, but worthy of some points. – JTWOOD Feb 26 '15 at 16:31
  • Your answer ended up being the closest to what seems to be a good working solution. I'll keep at it when I have some time here and there and see if I can determine how to get the bond to come up cleanly without this workaround. Because of this, you get the bounty. – JTWOOD Mar 06 '15 at 13:49