[Xorp-hackers] Linux VLAN config if interface is down

Pavlin Radoslavov pavlin at ICSI.Berkeley.EDU
Mon Jun 30 11:34:26 PDT 2008


[Note: this is not exactly XORP-specific question, but it affects
the XORP FEA]

Ben,

I have a Linux VLAN-related question which hopefully you can answer,
because I believe you were the primary author of the VLAN code
in the Linux kernel.

While testing the XORP VLAN configuration on Linux, I noticed that
the kernel will refuse creating a VLAN if the corresponding
interface is down. Once the interface is UP the VLAN can be created:

OS: Ubuntu 8.04 Server (running under VMware Fusion)
Kernel: 2.6.24-19-server

root at vm-ubuntu[3] ip link set eth1 down
root at vm-ubuntu[4] vconfig add eth1 10
ERROR: trying to add VLAN #10 to IF -:eth1:-  error: Network is down
Exit 3
root at vm-ubuntu[5] ip link set eth1 up
root at vm-ubuntu[6] vconfig add eth1 10
Added VLAN with VID == 10 to IF -:eth1:-
root at vm-ubuntu[7] ip addr
...
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
qlen 1000
    link/ether 00:0c:29:c4:42:3f brd ff:ff:ff:ff:ff:ff
    inet6 fe80::20c:29ff:fec4:423f/64 scope link 
       valid_lft forever preferred_lft forever
4: vlan10 at eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop 
    link/ether 00:0c:29:c4:42:3f brd ff:ff:ff:ff:ff:ff

Though, once the VLAN is created, the interface can be taken
down and the VLAN is still there:

root at vm-ubuntu[8] ip link set eth1 down
root at vm-ubuntu[9] ip addr
...
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:0c:29:c4:42:3f brd ff:ff:ff:ff:ff:ff
4: vlan10 at eth1: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop 
    link/ether 00:0c:29:c4:42:3f brd ff:ff:ff:ff:ff:ff


My question is whether this semantic is intentional or is a bug in
the kernel.
FYI, when setting the MAC address or the MTU on an interface, the
Linux kernel requires that the interface is DOWN, but with VLANs
I see just the opposite requirement.

The reason I ask this question is because it affects the mechanism
used the XORP FEA to set network interfaces information.
Currently, when pushing the state to the kernel, all information
(MAC addresses, MTU, IP addresses, VLANs, etc) is pushed first and
the last operation is to enable the interface.
Operationally this is the correct behavior because we don't want to
enable half-configured interface.
With the VLAN issue mentioned above all this logic breaks, and we
need to do preliminary interface enabling which adds more
complexity.

Thanks,
Pavlin



More information about the Xorp-hackers mailing list