Configuring network using netplan
Introduction
In Ubuntu-18.04, the network configuration file is located in the /etc/netplan/ directory (configuration file placement options:{etc|run|lib}/netplan/*.yaml) and has .yaml. extension. Official documentation on all netplan commands and settings is provided on the website.
YAML has a structured text file format. Nested parameters should be indented with tabs or spaces, the number of which is important. It is very important to observe tabs and not to mix tabs and spaces. As a rule, 4 spaces are used in the margins for nested parameters.
Basic commands for applying netplan settings:
- netplan apply — apply settings;
- netplan try — try to apply settings with the possibility of cancellation;
- netplan ip leases interface — view interface settings (for example, enp3s0);
- netplan ifupdown-migrate — convert old /etc/network/interfaces settings to netplan format;
- netplan generate — create a specific configuration from a file with the .yaml extension for a network manager (network-manager or systemd-network). To output debugging messages, use the
netplan--debug generatecommand.
Basic configuration
Configuration example:
# /etc/netplan/01-network-manager-all.yaml
# Let NetworkManager manage all devices on this system
network:
version: 2
renderer: networkd
ethernets:
enp3s0:
addresses: []
dhcp4: true
optional: true
The configuration is divided into the following sections:
- network — start of configuration;
- version — declaration of the yaml version on which the configuration is presented;
- renderer — direction for netplan to which program to transfer control to, for example networkd (systemd-network);
- ethernets — declaration of the physical wired interfaces. It defines the network interfaces that are actually connected. For example, enp3s0. A list of static addresses (one or more) is specified for this interface. dhcp4 is enabled for the IPv4 dhcp client (obtaining IP addresses via dhcp in ecss is unacceptable, disabled by default);
- optional — parameter that means that there is no need to bide time when starting/rebooting the system in order for the interface to be fully functional. The default value of the parameter is false, only networkd is supported.
Configuring interfaces
General settings for physical interfaces
- match (mapping) — selection of interfaces by criterion. All defined properties must match to be applied in the configuration;
- macaddress (scalar) — MAC address of the device;
- set-name (scalar) — setting a unique interface name;
- driver (scalar) — specifying the name of the kernel driver, points to the DRIVER udev property. Match is supported only for networkd;
- wakeonlan (bool) — turning on the computer remotely over the network, works only when MAC address of the device is specified.
General settings for all types
- renderer (scalar) — backend selection;
- dhcp4 (bool) — getting network settings via dhcp IPv4;
- dhcp6 (bool) — getting network settings via dhcp IPv6;
- addresses (sequence of scalar) — a list of network addresses like a.b.c.d/mask for IPv4 or "2001:1::/64" for IPv6;
- gateway4 (scalar) — gateway for IPv4;
- gateway6 (scalar) — gateway for IPv6;
- nameservers (mapping) — dns configuration;
- optional (bool) — determining whether the interface is required at startup;
- routes (mapping) — configuring routing.
Routing
- vlans: — declaration of the vlan configuration block;
- vlan1 (as an example): — arbitrary name of the vlan interface;
- id: — vlan tag;
- link: — interface through which the vlan will be accessible;
- routes: — declaration of the route description block;
- to: — specifies the subnet/mask to which the route is needed;
- via: — specifies the gateway through which the subnet will be accessible;
- on-link: — it is indicated that it is necessary to prescribe routes always when raising the link.
Bond (Aggregation)
Bond — aggregation of physical interfaces into logical ones.
General parameters:
- interfaces (sequence of scalar) — a list of physical interfaces that need to be combined into one;
- parameters (mapping) — aggregation settings.
Parameters block
Below are some parameters of the aggregation mode, the full list is in the official documentation.
- parameters (mapping):
- mode (scalar) — aggregation mode: balance-rr (default), active-backup, balance-xor, broadcast, 802.3ad, balance-tlb, balance-alb;
- mii-monitor-interval (scalar) — interface monitoring interval (live or not). By default, 0 (in milliseconds);
- down-delay (scalar) — delay before disconnecting. By default, 0 (in milliseconds);
- up-delay (scalar) — delay before turning on. By default, 0 (in milliseconds);
- lacp-rate (fast|slow) — only in 802.3ad. LACPDU transfer rate. Possible values are slow (30 seconds is the default) and fast (every second).
The aggregation mode defines the behavior policy of the combined interfaces. Possible values:
| balance-rr | Round-robin policy. Packets are sent sequentially, starting from the first available interface and ending with the last one. This policy is applied for load balancing and fault tolerance. |
| active-backup | Active-backup policy. Only one of the combined network interfaces will be active. Another interface can become active only when the current active interface crashes. With this policy, the MAC address of the bond interface is visible from the outside only through one network port in order to avoid problems with the switch. This policy is applied for fault tolerance. |
| balance-xor | XOR policy. Transmission is distributed between network cards using the formula: [("Source MAC address" XOR "Destination MAC address") modulo "number of interfaces"]. It turns out that the same network card transmits packets to the same recipients. Optionally, the transfer allocation can also be based on the "xmit_hash" policy. The XOR policy is applied for load balancing and fault tolerance. |
| broadcast | Broadcast policy. Transmits everything to all network interfaces. This policy is applied for fault tolerance. |
| 802.3ad | Channel aggregation policy according to the IEEE 802.3ad standard. Aggregated groups of network cards are created with the same speed and duplex. With such a combination, the transmission uses all channels in active aggregation according to the IEEE 802.3ad standard. The choice of which interface to send the packet through is determined by the policy. By default, this is XOR policy, but "xmit_hash" policy can be used. Requirements: 1. Ethtool support in the driver to get speed and duplex information on each network interface; 2. Support on the IEEE 802.3ad standard switch; 3. Configuring on the switch. |
| balance-tlb | Adaptive transmission load balancing policy. Outgoing traffic is distributed depending on the load of each network card (determined by the download speed). Does not require additional configuration on the switch. Incoming traffic comes to the current network card. If it fails, then another network card takes the MAC address of the failed card. Requirement: Ethtool support in the driver to get information about the download speed on each network interface. |
| balance-alb | Adaptive load balancing policy. It includes a balance-tlb policy and balances incoming traffic. Does not require additional configuration on the switch. Balancing of incoming traffic is achieved through ARP negotiations. The bonding driver intercepts ARP responses sent from local network cards to the outside and rewrites the source MAC address to one of the unique MAC addresses of the network card involved in the merge. Thus, different peers use different MAC addresses of the server. Incoming traffic balancing is distributed sequentially (round-robin) between interfaces. Requirements: 1. Ethtool support in the driver to get information about the download speed on each network interface; 2. Support in the driver for replacing the MAC address on the enabled device; 3. It may be necessary to adjust the value of the updelay parameter equal to or greater than the value of the delay on the switch (so that ARP responses are not blocked on the switch when the link is reconnected or when a new network card is added to bonding). |
Important: settings must be made on the switches in accordance with the selected link aggregation mode.
Example of a simple network configuration with link aggregation:
network:
version: 2
renderer: networkd
ethernets:
enp0s3
dhcp4: no
enp0s8:
dhcp4: no
bonds:
bond-ssw:
dhcp4: no
interfaces:
- enp0s3
- enp0s8
parameters:
mode: 802.3ad
mii-monitor-interval: 1
optional: true
addresses:
- 10.0.3.10/24
where:
- bonds: — block explaining that the bonding configuring will take place;
- bond-ssw: — arbitrary interface name;
- interfaces: — set of interfaces assembled in bonding;
- parameters: — description of the parameter settings block;
- mode: — specifies the mode by which bonding will work;
- mii-monitor-interval: — monitoring interval is set to 1 second.
VLAN
Example of virtual interfaces configuration:
vlans:
vdev:
id: 101
link: net1
addresses:
- 10.0.1.10/24
vprod:
id: 102
link: net2
addresses:
- 10.0.2.10/24
vtest:
id: 103
link: net3
addresses:
- 10.0.3.10/24
vmgmt:
id: 104
link: net4
addresses:
- 10.0.4.10/24
To define a vlan, the vlans section is used, which defines the names of new vlans. The vlan has 2 mandatory arguments:
- id (scalar) — vlan number;
- link (scalar) — parent interface.
Example with comments in the text of the file:
# Configuration example for ECSS-10
# In case when each host is connected to the switches by a dedicated link
# Switches are organized into in erps ring
# netplan for ecss1
network:
version: 2 # Version
renderer: networkd # systemd
ethernets: # Configuring network interfaces
enp1s0f0: # Interface name. May be different
dhcp4: no # Disabling configuration via dhcp
dhcp6: no # Disabling configuration via dhcp v6
enp1s0f1:
dhcp4: no
dhcp6: no
bonds: # Linking physical interfaces into bonds for fault tolerance
bond1: # Bond name
interfaces: # Listing the interfaces that are included in this bond
- enp1s0f0
- enp1s0f1
link-local: [] # Disables link-local addresses
accept-ra: no # Do not respond to Router Advertisements messages
parameters: # Aggregation parameters
mode: active-backup # Recommended mode for links connected to switches in the ERPS ring
primary: enp1s0f0 # Main interface
mii-monitor-interval: 100ms # Sets the monitoring interval of the mii interface
up-delay: 100ms
down-delay: 200ms
lacp-rate: fast
optional: false # No waiting for the interface to be raised when the system boots
vlans: # Configuring vlan
bond1.2: # Name of the interface, how it will be defined in the system
id: 2 # vlan tag
link: bond1 # On which interface the tag will be added
link-local:
- ipv4
accept-ra: no
addresses:
- 192.168.2.21/24 # Addresses
bond1.3:
id: 3 # mgm internal vlan 3
link: bond1
addresses:
- 192.168.1.21/24
gateway4: 192.168.1.203 # Default gateway
nameservers: # DNS server addresses
addresses:
- 192.168.1.203
bond1.476:
id: 476 # mgm techology net vlan 476
link: bond1
addresses:
- 10.16.33.21/24
routes: # Routing
- to: 10.16.0.0/16
via: 10.16.33.254 # Gateway address to this subnet
on-link: true # Determines that the specified routes are directly connected to the interface
- to: 10.136.16.0/24
via: 10.16.33.254
on-link: true