Q-in-Q
Q-in-Q is a technology that allows you to create multiple isolated segments within a single VLAN by adding an additional tag to the Ethernet packet header.
With Q-in-Q enabled on a Selectel network, you can pass your VLAN IDs on a port and tags will be delivered over the LAN between your servers.
Q-in-Q customization is needed:
-
for Direct Connect service operation when a trunk port is configured on the operator's side;
-
To configure a trunk port in VMware ESXi on a dedicated server with VMware;
-
to use different VLAN segments on a dedicated server on which virtual servers are deployed. In this case, the dedicated server is privately networked with the virtual server by using global router and tagged traffic with your VLAN IDs is terminated on the global router and routed to the virtual server.
Customize Q-in-Q
Enable Q-in-Q on the switch port
Q-in-Q can only be enabled for a private network.
When Q-in-Q is enabled, there may be a brief private network down time for servers on the selected VLAN.
-
Create a ticket with a request to include Q-in-Q. Specify:
-
VLAN numbers can be viewed in control panels under Servers and hardware → Network → tab VLAN → column VLAN;
-
The pools in which the VLANs are located can be viewed in the control panels under Servers and hardware → Network → tab VLAN → column Poole.
-
-
In the ticket created, wait for a Selectel employee to respond that Q-in-Q is enabled.
Select a private subnet
Select an unoccupied subnet whose IP addresses will be used to configure network connectivity. For details, refer to the subsection Standard ranges of private IP addresses.
configure the network interfaces on the server
Ubuntu
Debian
CentOS
Windows
-
Connect to the server via SSH or through KVM console.
-
Open the utility configuration file
netplanwith the vi text editor:vi /etc/netplan/01-netcfg.yaml -
Add Q-in-Q settings for the network interface of the private network:
...
vlans:
<eth_name>.<id>:
id: <id>
link: <eth_name>
mtu: 1400
addresses:
- <ip_address>/<mask>Specify:
<eth_name>— name of the network interface of the private network;<id>— Q-in-Q tag, you can specify a number from 2 to 4094;<ip_address>/<mask>— IP address from the new private subnet with mask.
Example of a netplan utility configuration file
network:
version: 2
renderer: networkd
ethernets:
eth0:
addresses: [203.0.113.0/24]
gateway4: 203.0.113.1
nameservers:
addresses: [198.51.100.1,198.51.101.1]
eth1:
addresses: [192.168.0.2/24]
...
vlans:
eth1.40:
id: 40
link: eth1
mtu: 1400
addresses:
- [10.0.0.15/24] -
Click ESC.
-
Exit the vi text editor with your changes saved:
:wq -
Apply the configuration:
netplan apply -
Optional: reboot the server.
-
Connect to the server via SSH or through KVM console.
-
Open the network interfaces configuration file with the vi text editor:
vi /etc/network/interfaces -
Add Q-in-Q settings for the network interface of the private network:
auto <eth_name>.<id>
iface <eth_name>.<id> inet static
address <ip_address>/<mask>
vlan-raw-device <eth_name>.<id>
mtu 1400Specify:
<eth_name>— name of the network interface of the private network;<id>— Q-in-Q tag, you can specify a number from 2 to 4094;<ip_address>/<mask>— IP address from the new private subnet with mask.
Example of a configuration file for network interfaces
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 203.0.113.218
netmask 255.255.255.0
gateway 203.0.113.1
dns-nameserver 198.51.100.1,198.51.101.1
auto eth1
iface eth1 inet static
address 192.168.0.2/24
auto eth1.40
iface eth1.40 inet static
address 10.0.0.15/24
vlan-raw-device eth1.40
mtu 1400 -
Click ESC.
-
Exit the vi text editor with your changes saved:
:wq -
Restart the network:
service networking restart -
Optional: reboot the server.
-
Connect to the server via SSH or through KVM console.
-
Output information about the network interfaces:
ip address -
Create or open a configuration file for the private network interface of the network with Q-in-Q with the vi text editor:
vi /etc/sysconfig/network-scripts/ifcfg-<eth_name>Specify
<eth_name>— name of the network interface of the private network with Q-in-Q. -
Add the network interface settings:
NAME="<q_in_q_eth_name>"
ONBOOT=yes
TYPE=Ethernet
VLAN=yes
DEVICE=<basic_eth_name>.<id>
BOOTPROTO=static
IPADDR=<ip_address>
NETMASK=<mask>
NM_CONTROLLED=noSpecify:
<q_in_q_eth_name>— the name of the new network interface;<basic_eth_name>— The physical interface of the private network to which the VLAN is bound;<id>— Q-in-Q tag, you can specify a number from 2 to 4094;<ip_address>— IP address from the new private subnet;<mask>— subnet mask.
Example of a configuration file for a network interface
NAME="vlan40"
ONBOOT=yes
TYPE=Ethernet
VLAN=yes
DEVICE=eth1.40
BOOTPROTO=static
IPADDR=10.10.10.10
NETMASK=255.255.255.0
NM_CONTROLLED=no -
Click ESC.
-
Exit the vi text editor with your changes saved:
:wq -
Restart the network:
systemctl restart network -
Optional: reboot the server.
-
Connect to the server via RDP or through KVM console.
-
Run Server Manager Local.
-
Go to the section Local Server.
-
Click NIC Teaming.
-
In the block Teams click Task → New Team.
-
In the field Team name enter the name of the group.
-
Check the network adapters that you want to add to the group.
-
Click OK.
-
In the block Adapter and Interfaces click Tasks → Add Interface.
-
In the field Interface name enter the name of the new network interface.
-
In the field Specific VLAN enter the Q-in-Q tag, you can specify a number from 2 to 4094.
-
Click OK.
-
Open it up Network and Sharing Center.
-
Open the network interface of the new private network.
-
Click Properties.
-
Select IPv4.
-
Click Properties.
-
In the field IP-address enter the private IP address of the server (for example,
192.168.0.2). -
In the field Subnet mask enter the subnet mask.
-
Click OK.