Vlans in Cobia

Isma

Isma

Contributor
Joined
Apr 29, 2020
Messages
100
Hello, I have several questions about how to configure the Vlans in Cobia, I read many forums, reddit questions, etc. about how to configure a vlan for the vms, but I couldn't get any of them to connect to me.

I have two physical NICs on my board.

1695856229548.png




The following configurations were the ones I tried

Configuration 1
1.I create a link aggregation (bond0) and assign it to enp60s0 (losing its ip)
2. I create a vlan called vlan0 without ip and link it to bond0
3. I create a bridge (br0) and assign it to vlan0

I assign the el br0 to the vm in its nic

the machine does not have internet access



Configuration 2
1.I create a link aggregation (bond0) and assign it to enp60s0 (losing its ip)
2. I create a vlan called vlan0 without ip and link it to bond0
3. I create a bridge (br0) assign it an ip (192.168.5.0) and assign it to vlan0

I assign the el br0 to the vm in its nic

the machine does not have internet access


Configuration 3
1. I create a vlan called vlan0 without ip and assign it to enp60s0 (losing its ip and trying with ip)
2. I create a bridge (br0) assign it an ip (192.168.5.0) and without ip and assign it to vlan0

I assign the el br0 to the vm in its nic

the machine does not have internet access


Configuration 4

Any combination I make, I'll probably try it.

Regarding the network configuration, am I doing something wrong?

Regarding the VMs, should I put a virtual adapter on them or is the Intel1000 one valid?

Should I configure the win OS vms, is there a valid gateway?


thank you
 
Trevor68

Trevor68

Contributor
Joined
Oct 15, 2021
Messages
130
Pretty sure you will not have much luck using the GUI for this, I created my bridge (br0) using the console and a borrowed monitor.
 
Isma

Isma

Contributor
Joined
Apr 29, 2020
Messages
100
Trevor68 said:
Pretty sure you will not have much luck using the GUI for this, I created my bridge (br0) using the console and a borrowed monitor.
Click to expand...
I understand that you are referring to the shell where thunder shows the network access IP to your host and the numbered options
 
Trevor68

Trevor68

Contributor
Joined
Oct 15, 2021
Messages
130
Absolutely, I was never able to create the bridge using the GUI (web interface), it worked first go using the console (shell) though.
 
S

skittlebrau

Explorer
Joined
Sep 1, 2017
Messages
54
Configuration #3 is what you're meant to do in your situation.

  1. Create VLAN interface, name it as vlanX (where X is the VLAN tag), assign it to the desired physical/parent interface and don't assign an IP address.
  2. Create a bridge, name it brX (where X is the VLAN tag), select vlanX in Bridge Members and set IP address in Aliases.

Have you tagged the appropriate ports on your switch? How do you have your VLANs configured on your firewall/router? Have you created firewall rules to allow those VLANs/subnets to reach the internet?

You'll probably need to share a bit more info about how you have everything connected. A network diagram helps along with a brief description.

I'm not a network guy myself, but I've been on a similar journey with my homelab and have been using VLANs for several years at this point.
 
Isma

Isma

Contributor
Joined
Apr 29, 2020
Messages
100
skittlebrau said:
Configuration #3 is what you're meant to do in your situation.

  1. Create VLAN interface, name it as vlanX (where X is the VLAN tag), assign it to the desired physical/parent interface and don't assign an IP address.
  2. Create a bridge, name it brX (where X is the VLAN tag), select vlanX in Bridge Members and set IP address in Aliases.

Have you tagged the appropriate ports on your switch? How do you have your VLANs configured on your firewall/router? Have you created firewall rules to allow those VLANs/subnets to reach the internet?

You'll probably need to share a bit more info about how you have everything connected. A network diagram helps along with a brief description.

I'm not a network guy myself, but I've been on a similar journey with my homelab and have been using VLANs for several years at this point.
Click to expand...
1696445905951.png



Try to make the vlans in both the 10gb and 1gb ones

My goal is to get the vms in enp60s0 with vlans by changing the mask or modifying the ip, for example 192.168.5.x, when using the same ip I cannot
 
S

Saoshen

Dabbler
Joined
Oct 13, 2023
Messages
47
Normally you should not have different vlans using the same network subnet.

At least it is not good practice.

Vlans are often linked to the 3rd octet, so vlan 20 would typically be 192.168.20.x

The purpose of vlans is to isolate the segment so that devices on a vlan can communicate with each other, but not with other vlans, other than when trunked via a managed switch or routing/firewall rules allow.

Additionally, it is also bad practice to have 2 ethernet nics on the same subnet, unless using some kind of bonding, as that can cause packets to be sent/received by the wrong nic.

see also @ https://www.truenas.com/community/threads/multiple-interfaces-on-same-subnet.99446/
and
www.ni.com

Best Practices for Using Multiple Network Interfaces (NICs) with NI Products

It is becoming commonplace to have more than one Ethernet adapter in a PC or embedded controller, especially in systems where wired and wireless adapters are both present. However, the presence of more than one Network Interface Card (NIC) can cause connectivity problems if each network...
www.ni.com www.ni.com
 
Isma

Isma

Contributor
Joined
Apr 29, 2020
Messages
100
Saoshen said:
Normally you should not have different vlans using the same network subnet.

At least it is not good practice.

Vlans are often linked to the 3rd octet, so vlan 20 would typically be 192.168.20.x

The purpose of vlans is to isolate the segment so that devices on a vlan can communicate with each other, but not with other vlans, other than when trunked via a managed switch or routing/firewall rules allow.

Additionally, it is also bad practice to have 2 ethernet nics on the same subnet, unless using some kind of bonding, as that can cause packets to be sent/received by the wrong nic.

see also @ https://www.truenas.com/community/threads/multiple-interfaces-on-same-subnet.99446/
and
www.ni.com

Best Practices for Using Multiple Network Interfaces (NICs) with NI Products

It is becoming commonplace to have more than one Ethernet adapter in a PC or embedded controller, especially in systems where wired and wireless adapters are both present. However, the presence of more than one Network Interface Card (NIC) can cause connectivity problems if each network...
www.ni.com www.ni.com
Click to expand...
Correct, I wanted to know if I could create vlans without having to use a switch simply at the software level, using the same gateway but on different networks for example create different static routes
 
M

mgspivey

Cadet
Joined
Dec 3, 2022
Messages
5
The GUI has come a long way. Last night in RC1 I was able to change from a single NIC for TrueNAS, to two using LACP, changed br0 to bond0 instead of the first NIC, added two vlan# interfaces that were on that second NIC, all without testing any changes along the way. Hit Test while committing the port change to bring up the second port on the switch (Not sure it was essential I did this right away but I really just wanted to add the second vlan to the first card).

Surprised it worked, but after about 30 seconds it let me save the changes. Didnt reboot, didnt even restart the VMs or Applications (using those VLANs). Everything still working today. I was prepared to use the console but I prefer the GUI now.

I connect my vlan# interfaces to bond0 - I think - and before they were just on that second NIC without using it in TrueNAS.
 
Isma

Isma

Contributor
Joined
Apr 29, 2020
Messages
100
mgspivey said:
La GUI ha recorrido un largo camino. Anoche en RC1 pude cambiar de una sola NIC para TrueNAS a dos usando LACP, cambié br0 a bond0 en lugar de la primera NIC, agregué dos interfaces vlan# que estaban en esa segunda NIC, todo sin probar ningún cambio a lo largo del forma. Presione Probar mientras realiza el cambio de puerto para abrir el segundo puerto en el conmutador (no estoy seguro de que fuera esencial, hice esto de inmediato, pero realmente solo quería agregar la segunda VLAN a la primera tarjeta).

Me sorprendió que funcionara, pero después de unos 30 segundos me permitió guardar los cambios. No reinicié, ni siquiera reinicié las máquinas virtuales o las aplicaciones (usando esas VLAN). Todo sigue funcionando hoy. Estaba preparado para usar la consola pero ahora prefiero la GUI.

Conecto mis interfaces vlan# a bond0, creo, y antes estaban en esa segunda NIC sin usarla en TrueNAS.
Click to expand...
What do you mean by ports? I think there is something I'm missing, a router configuration?
 
M

mgspivey

Cadet
Joined
Dec 3, 2022
Messages
5
Isma said:
What do you mean by ports? I think there is something I'm missing, a router configuration?
Click to expand...
Your switch has to support LACP to use that protocol. Not all do, and every brand has a different way of implementing it.
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Vlans in Cobia"

Similar threads

nikkon
Cobia - network setup bug report
Replies
8
Views
376
Fleshmauler
F
specter9mm
kernel: br0: received packet on bond0 with own address as source address
Replies
2
Views
2K
specter9mm
specter9mm
B
VLANs and VMs
Replies
0
Views
602
bartii
B
D
Access NFS share from Ubuntu VM with Truenas bond
Replies
1
Views
313
darkmatter68
D
O
Scale apps and network
Replies
6
Views
9K
li_chang
L
Top