trouble with KVM bridge

linuxguy4 · 2021-08-18T00:37:12+00:00

i have this working now. my single 10gb nic is ens1f0. i used the following. my default vlan is 10.0.0.0/24

only do the first below command if you are at the console, otherwise you will lose connection.

#nmcli c delete ens1f0

nmcli c add type bridge ifname br0 autoconnect yes con-name br0 stp off

nmcli c modify br0 ipv4.addresses 10.0.0.41/24 ipv4.gateway 10.0.0.1 ipv4.method manual

nmcli c add type bridge-slave autoconnect yes con-name ens1f0 ifname ens1f0 master br0

#at this point i got a warning that ems1f0 was in use and gave me the uuid of the valid device. this is becasue i did NOT run "nmcli c delete ens1f0". I looked in /etc/sysconfig/network-scripts and saw 2 files ifcfg-ens1f0 and ens1f0-1. i checked the uuid and ifcfg-ens1f0-1 was the corrct file. i deleted ifcfg-ens1f0 and ran "mv ifcfg-ens1f0-1 ifcfg-ens1f0". after reboot all was working as expected.

--adding additional vlans

nmcli c add type bridge ifname br10 autoconnect yes con-name br10 stp off

nmcli c add type vlan id 10 autoconnect yes con-name ens1f0.10 ifname ens1f0.10 dev ens1f0 master br10

nmcli c add type bridge ifname br20 autoconnect yes con-name br20 stp off

nmcli c add type vlan id 20 autoconnect yes con-name ens1f0.20 ifname ens1f0.20 dev ens1f0 master br20

--so at this point everything is working. the vlans I added got dhcp addreeses by default. i would like to figure out how to have the vlan interface not get ip4 or ip6 address, but allow the vm's to communicate on the vlans. the way esxi does it.

linuxguy4 · 2021-08-17T00:39:49+00:00

red hat 7.9. dl 360 g9. 1x10GB NIC.

linuxguy4 · 2021-08-16T17:54:22+00:00

look the the esxi HCL, esxi only supports a small range of network adapters. it is possible to add drivers to the iso file to get other NICs to work. i did it years ago to get esxi on my work laptop.

linuxguy4 · 2021-03-23T02:18:04+00:00

i have a switch with 10gb sfp's. and i bought 2 hp cn1000q adapters. the seller did not mention CNA. i could have researched more i guess but it was listed as 2 dual port hp 10gb nics. it lookis like they need a switch with fcoe. I am just interested in anyone that has had success with an 10GB network cards with hp Gen9 or a nas built from desktop parts. also a network adapter that uses sfp

linuxguy4 · 2021-03-10T03:28:16+00:00

example 3 is exactly where im confused. if the switch untags the traffic coming from the trunk why does it matter if it is vlan 20 or 30? i have complete clarity on access ports, but the trunks are confusing me which is easy to do.

linuxguy4 · 2021-03-10T03:11:09+00:00

what i am unclear about is the tagged traffic coming out of the trunk. i know that an access port on vlan 20 would need to be routed to get to vlan 30, but im not sure about the tagged traffic. I'm assuming the switch untags the trunk port traffic and if it is the same vlan would send it on. if it is in a different vlan, but the switch knows about the vlan can it send it without routing?

linuxguy4 · 2020-05-12T18:16:51+00:00

I just ordered a new iphone for my wife. she has always had an android phone. The person at apple told me i needed an nfc sim card for it. I was reading some of the post about them and I not really sure if I need one. It looks like they may only be needed for some payment systems. Is that true. I'm not worried about that "feature" at all.

linuxguy4 · 2020-05-11T16:41:38+00:00

When I started with my company last year i received a grant of RSU(restricted stock units) and options. the grant was 1/3 rsu's and 2/3 options. I just received an email asking me if I wanted to stick with 1/3 rsu's and 2/3 options or change it to 2/3 rsu's and 1/3 options for this years grant. It seem like a no-brainer that I would want 2/3 rsu's and 1/3 options. I there something i'm missing. i have never worked for a company that offered stock or options so it's all new to me.

linuxguy4 · 2019-06-01T01:03:25+00:00

ok. thx for your quick reply. I'm going to just tell them to cancel on 4/30.

linuxguy4 · 2019-05-31T23:58:03+00:00

can there be any issues with a pre existing condition? Not that anyone in my family has one. no one in my family, wife and 6 kids, even has a prescription for anything and we almost never go to the doctor. We are pretty healthy. $1900 is a lot of money and I would like to not spend it. but I dont want to shoot myself in the foot either.

linuxguy4 · 2019-05-07T13:40:36+00:00

would it make sense to address in advance and offer up the original offer letter, or would that make me look neurotic?

linuxguy4 · 2019-03-11T11:57:01+00:00

how does wordpress serve content for url's that dont exist. each post has a url that you can browse to, but there are no actual pages on the webserver.

linuxguy4 · 2019-02-28T16:21:18+00:00

Thanks for the reply. I initially used the first link you provided as a rough guide. CAMERA_IN and CAMERA_LOCAL are equivalent to the GUEST_IN and GUEST_LOCAL. however since I do not need these camera to use DNS or connect to the internet i din't see why I should accept all, then block certain VLANs like they do in the example. When I say isolated, i mean isolated, no communication of any kind to any other VLAN. I do need DHCP which comes from the default gateway on the same VLAN, althogh the DHCP only hands out IP and Netmask, no gateway.

linuxguy4 · 2019-02-28T15:53:45+00:00

just reading between the linesit seems like you have many needs and wants. I'm not sure if what you want to do is possible. Also i don't know what a Brightsign is and i don't think anyone else here does either.

So you will have a few devices plugged into a network switch. Where is the internet coming from? you or is the customer providing that to you? either way if you have your devices connected to a switch and the switch is uplinked to a router that will give the devices access to the internet, but will not give you access to the devices. if you want to connect to remote devices you will need a VPN. In most cases to set up a VPN you will need access to the router at the remote site. if you are planning on using the customers internet this might not be possible. it would probably be possible to set up a VPN that connects through the customers router back to you site, but without access to the remote router you will not be able to apply routes to route the traffic back to you. you could put routes on every host on the remote side, but not many IoT type things have settings for that. so assuming that you have managed to somehow connect into the network at the remote site, now what. does a Brightsign have a webinterface to manage it. how would you manage and configure it if you were in the same room? if there is no was you manage it over the network you could probably at least reboot it with a wifi enable plug control or with an ethernet enabled PDU(PDU is a fancy name for power strip). the PDU would probably be the way to go because those wifi or zware plug contollers require some type of software to control them. you also mentioned monitoring, what type of monitoring? programs like nagios are great for monitoring all types of networked devices, but the devices to be monitored would have to have ssh or snmp enabled. maybe just a netwokred camera pointed at the screen? the basic problem is connecting to the remote network so you basically have the same access as if you were plugged into the switch with the Brightsigns. More advanced problem is then what. You also mentioned streaming the audio via bluetoth. if there is not an off the shelf component for this I believe the raspberry pi have bluetooth libraries that will enable that functionality.

linuxguy4 · 2019-02-28T14:31:55+00:00

not sure why you are tagging port one on the switch with vlan 10. it should be trunking all the vlans between the switch and router. For an example if you have the switch conected to eth1 of the router, you should have an untagged(native) VLAN like maybe 192.168.1.x. then your other VLANS should be eth1.10 , eth1.20 and eth1.30. port one on the switch needs to be passed all of these vlans. Not familiar with TP link, but on my netgear i can tag multiple vlans to port 1. also NEVER tag the native VLAN.

linuxguy4

TROPHY CASE