Q-in-Q
Q-in-Q is a technology that allows you to create multiple isolated segments within a single VLAN by adding an additional tag to the Ethernet packet header.
With Q-in-Q enabled on a Selectel network, you can pass your VLAN IDs on a port and tags will be delivered over the LAN between your servers.
Q-in-Q customization is needed:
-
for Direct Connect service operation when a trunk port is configured on the operator's side;
-
To configure a trunk port in VMware ESXi on a dedicated server with VMware;
-
to use different VLAN segments on a dedicated server on which virtual servers are deployed. In this case, the dedicated server is privately networked with the virtual server using global router and tagged traffic with your VLAN IDs is terminated on the global router and routed to the virtual server.
Customize Q-in-Q
1. Enable Q-in-Q on the switch port
Q-in-Q can only be enabled for a private network.
When Q-in-Q is enabled, there may be a brief private network down time for servers on the selected VLAN.
-
Create a ticket with a request to include Q-in-Q. Specify:
-
VLAN numbers can be viewed in control panels: from the top menu, press Products → Dedicated servers → Network → tab VLAN → column VLAN;
-
The pools in which the VLANs are located can be viewed in the control panels: from the top menu, press Products → Dedicated servers → Network → tab VLAN → column Poole.
-
-
In the ticket created, wait for a Selectel employee to respond that Q-in-Q is enabled.
2. Select a private subnet
Select an unoccupied subnet whose IP addresses will be used to configure network connectivity. For details, refer to the subsection Standard ranges of private IP addresses.
3. configure the network interfaces on the server
Ubuntu
Debian
CentOS
Windows
-
Connect to the server via SSH or through KVM console.
-
Open the utility configuration file
netplantext editorvi:vi /etc/netplan/01-netcfg.yaml -
Add Q-in-Q settings for the network interface of the private network:
...
vlans:
<eth_name>.<id>:
id: <id>
link: <eth_name>
mtu: 1400
addresses:
- <ip_address>/<mask>Specify:
<eth_name>— name of the network interface of the private network;<id>— Q-in-Q tag, you can specify a number from 2 to 4094;<ip_address>/<mask>— IP address from the new private subnet with mask.
Example of a netplan utility configuration file
network:
version: 2
renderer: networkd
ethernets:
eth0:
addresses: [203.0.113.0/24]
gateway4: 203.0.113.1
nameservers:
addresses: [198.51.100.1,198.51.101.1]
eth1:
addresses: [192.168.0.2/24]
...
vlans:
eth1.40:
id: 40
link: eth1
mtu: 1400
addresses:
- [10.0.0.15/24] -
Click ESC.
-
Exit the text editor
viwith the changes intact::wq -
Apply the configuration:
netplan apply -
Optional: reboot the server.
-
Connect to the server via SSH or through KVM console.
-
Open the network interfaces configuration file with a text editor
vi:vi /etc/network/interfaces -
Add Q-in-Q settings for the network interface of the private network:
auto <eth_name>.<id>
iface <eth_name>.<id> inet static
address <ip_address>/<mask>
vlan-raw-device <eth_name>.<id>
mtu 1400Specify:
<eth_name>— name of the network interface of the private network;<id>— Q-in-Q tag, you can specify a number from 2 to 4094;<ip_address>/<mask>— IP address from the new private subnet with mask.
Example of a configuration file for network interfaces
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 203.0.113.218
netmask 255.255.255.0
gateway 203.0.113.1
dns-nameserver 198.51.100.1,198.51.101.1
auto eth1
iface eth1 inet static
address 192.168.0.2/24
auto eth1.40
iface eth1.40 inet static
address 10.0.0.15/24
vlan-raw-device eth1.40
mtu 1400 -
Click ESC.
-
Exit the text editor
viwith the changes intact::wq -
Restart the network:
service networking restart -
Optional: reboot the server.
-
Connect to the server via SSH or through KVM console.
-
Output information about the network interfaces:
ip address -
Create or open the configuration file of the private network interface with Q-in-Q with a text editor
vi:vi /etc/sysconfig/network-scripts/ifcfg-<eth_name>Specify
<eth_name>— name of the network interface of the private network with Q-in-Q. -
Add the network interface settings:
NAME="<q_in_q_eth_name>"
ONBOOT=yes
TYPE=Ethernet
VLAN=yes
DEVICE=<basic_eth_name>.<id>
BOOTPROTO=static
IPADDR=<ip_address>
NETMASK=<mask>
NM_CONTROLLED=noSpecify:
<q_in_q_eth_name>— the name of the new network interface;<basic_eth_name>— The physical interface of the private network to which the VLAN is bound;<id>— Q-in-Q tag, you can specify a number from 2 to 4094;<ip_address>— IP address from the new private subnet;<mask>— subnet mask.
Example configuration file for a network interface
NAME="vlan40"
ONBOOT=yes
TYPE=Ethernet
VLAN=yes
DEVICE=eth1.40
BOOTPROTO=static
IPADDR=10.10.10.10
NETMASK=255.255.255.0
NM_CONTROLLED=no -
Click ESC.
-
Exit the text editor
viwith the changes intact::wq -
Restart the network:
systemctl restart network -
Optional: reboot the server.
-
Connect to the server via RDP or through KVM console.
-
Run Server Manager Local.
-
Go to the section Local Server.
-
Click NIC Teaming.
-
In the block Teams click Task → New Team.
-
In the field Team name enter the name of the group.
-
Check the network adapters that you want to add to the group.
-
Click OK.
-
In the block Adapter and Interfaces click Tasks → Add Interface.
-
In the field Interface name enter the name of the new network interface.
-
In the field Specific VLAN enter the Q-in-Q tag, you can specify a number from 2 to 4094.
-
Click OK.
-
Open it up Network and Sharing Center.
-
Open the network interface of the new private network.
-
Click Properties.
-
Select IPv4.
-
Click Properties.
-
In the field IP-address enter the private IP address of the server, e.g.
192.168.0.2. -
In the field Subnet mask enter the subnet mask.
-
Click OK.