Configuring network using netplan

Introduction

In Ubuntu-18.04, the network configuration file is located in the /etc/netplan/ directory (configuration file placement options:{etc|run|lib}/netplan/*.yaml) and has .yaml. extension. Official documentation on all netplan commands and settings is provided on the website.

YAML has a structured text file format. Nested parameters should be indented with tabs or spaces, the number of which is important. It is very important to observe tabs and not to mix tabs and spaces. As a rule, 4 spaces are used in the margins for nested parameters.

Basic commands for applying netplan settings:

netplan apply — apply settings;
netplan try — try to apply settings with the possibility of cancellation;
netplan ip leases interface — view interface settings (for example, enp3s0);
netplan ifupdown-migrate — convert old /etc/network/interfaces settings to netplan format;
netplan generate — create a specific configuration from a file with the .yaml extension for a network manager (network-manager or systemd-network). To output debugging messages, use the netplan--debug generate command.

Basic configuration

Configuration example:

   # /etc/netplan/01-network-manager-all.yaml
    # Let NetworkManager manage all devices on this system
    network:
        version: 2
        renderer: networkd
        ethernets:
            enp3s0:
                addresses: []
                dhcp4: true
                optional: true

The configuration is divided into the following sections:

network — start of configuration;
version — declaration of the yaml version on which the configuration is presented;
renderer — direction for netplan to which program to transfer control to, for example networkd (systemd-network);
ethernets — declaration of the physical wired interfaces. It defines the network interfaces that are actually connected. For example, enp3s0. A list of static addresses (one or more) is specified for this interface. dhcp4 is enabled for the IPv4 dhcp client (obtaining IP addresses via dhcp in ecss is unacceptable, disabled by default);
optional — parameter that means that there is no need to bide time when starting/rebooting the system in order for the interface to be fully functional. The default value of the parameter is false, only networkd is supported.

Configuring interfaces

General settings for physical interfaces

match (mapping) — selection of interfaces by criterion. All defined properties must match to be applied in the configuration;
macaddress (scalar) — MAC address of the device;
set-name (scalar) — setting a unique interface name;
driver (scalar) — specifying the name of the kernel driver, points to the DRIVER udev property. Match is supported only for networkd;
wakeonlan (bool) — turning on the computer remotely over the network, works only when MAC address of the device is specified.

General settings for all types

renderer (scalar) — backend selection;
dhcp4 (bool) — getting network settings via dhcp IPv4;
dhcp6 (bool) — getting network settings via dhcp IPv6;
addresses (sequence of scalar) — a list of network addresses like a.b.c.d/mask for IPv4 or "2001:1::/64" for IPv6;
gateway4 (scalar) — gateway for IPv4;
gateway6 (scalar) — gateway for IPv6;
nameservers (mapping) — dns configuration;
optional (bool) — determining whether the interface is required at startup;
routes (mapping) — configuring routing.

Routing

vlans: — declaration of the vlan configuration block;
vlan1 (as an example): — arbitrary name of the vlan interface;
id: — vlan tag;
link: — interface through which the vlan will be accessible;
routes: — declaration of the route description block;
to: — specifies the subnet/mask to which the route is needed;
via: — specifies the gateway through which the subnet will be accessible;
on-link: — it is indicated that it is necessary to prescribe routes always when raising the link.

Bond (Aggregation)

Bond — aggregation of physical interfaces into logical ones.

General parameters:

interfaces (sequence of scalar) — a list of physical interfaces that need to be combined into one;
parameters (mapping) — aggregation settings.

Parameters block

Below are some parameters of the aggregation mode, the full list is in the official documentation.

parameters (mapping):
- mode (scalar) — aggregation mode: balance-rr (default), active-backup, balance-xor, broadcast, 802.3ad, balance-tlb, balance-alb;
- mii-monitor-interval (scalar) — interface monitoring interval (live or not). By default, 0 (in milliseconds);
- down-delay (scalar) — delay before disconnecting. By default, 0 (in milliseconds);
- up-delay (scalar) — delay before turning on. By default, 0 (in milliseconds);
- lacp-rate (fast|slow) — only in 802.3ad. LACPDU transfer rate. Possible values are slow (30 seconds is the default) and fast (every second).

The aggregation mode defines the behavior policy of the combined interfaces. Possible values:

balance-rr	Round-robin policy. Packets are sent sequentially, starting from the first available interface and ending with the last one. This policy is applied for load balancing and fault tolerance.
active-backup	Active-backup policy. Only one of the combined network interfaces will be active. Another interface can become active only when the current active interface crashes. With this policy, the MAC address of the bond interface is visible from the outside only through one network port in order to avoid problems with the switch. This policy is applied for fault tolerance.
balance-xor	XOR policy. Transmission is distributed between network cards using the formula: [("Source MAC address" XOR "Destination MAC address") modulo "number of interfaces"]. It turns out that the same network card transmits packets to the same recipients. Optionally, the transfer allocation can also be based on the "xmit_hash" policy. The XOR policy is applied for load balancing and fault tolerance.
broadcast	Broadcast policy. Transmits everything to all network interfaces. This policy is applied for fault tolerance.
802.3ad	Channel aggregation policy according to the IEEE 802.3ad standard. Aggregated groups of network cards are created with the same speed and duplex. With such a combination, the transmission uses all channels in active aggregation according to the IEEE 802.3ad standard. The choice of which interface to send the packet through is determined by the policy. By default, this is XOR policy, but "xmit_hash" policy can be used. Requirements: 1. Ethtool support in the driver to get speed and duplex information on each network interface; 2. Support on the IEEE 802.3ad standard switch; 3. Configuring on the switch.
balance-tlb	Adaptive transmission load balancing policy. Outgoing traffic is distributed depending on the load of each network card (determined by the download speed). Does not require additional configuration on the switch. Incoming traffic comes to the current network card. If it fails, then another network card takes the MAC address of the failed card. Requirement: Ethtool support in the driver to get information about the download speed on each network interface.
balance-alb	Adaptive load balancing policy. It includes a balance-tlb policy and balances incoming traffic. Does not require additional configuration on the switch. Balancing of incoming traffic is achieved through ARP negotiations. The bonding driver intercepts ARP responses sent from local network cards to the outside and rewrites the source MAC address to one of the unique MAC addresses of the network card involved in the merge. Thus, different peers use different MAC addresses of the server. Incoming traffic balancing is distributed sequentially (round-robin) between interfaces. Requirements: 1. Ethtool support in the driver to get information about the download speed on each network interface; 2. Support in the driver for replacing the MAC address on the enabled device; 3. It may be necessary to adjust the value of the updelay parameter equal to or greater than the value of the delay on the switch (so that ARP responses are not blocked on the switch when the link is reconnected or when a new network card is added to bonding).

Important: settings must be made on the switches in accordance with the selected link aggregation mode.

Example of a simple network configuration with link aggregation:

network:
        version: 2
        renderer: networkd
        ethernets:
            enp0s3
                dhcp4: no
            enp0s8:
                dhcp4: no
        bonds:
            bond-ssw:
                dhcp4: no
                interfaces:
                    - enp0s3
                    - enp0s8
                parameters:
                    mode: 802.3ad
					mii-monitor-interval: 1
                optional: true
                addresses:
                    - 10.0.3.10/24

where:

bonds: — block explaining that the bonding configuring will take place;
bond-ssw: — arbitrary interface name;
interfaces: — set of interfaces assembled in bonding;
parameters: — description of the parameter settings block;
mode: — specifies the mode by which bonding will work;
mii-monitor-interval: — monitoring interval is set to 1 second.

VLAN

Example of virtual interfaces configuration:

    vlans:
        vdev:
            id: 101
            link: net1
            addresses:
                - 10.0.1.10/24
        vprod:
            id: 102
            link: net2
            addresses:
                - 10.0.2.10/24
        vtest:
            id: 103
            link: net3
            addresses:
                - 10.0.3.10/24
        vmgmt:
            id: 104
            link: net4
            addresses:
                - 10.0.4.10/24

To define a vlan, the vlans section is used, which defines the names of new vlans. The vlan has 2 mandatory arguments:

id (scalar) — vlan number;
link (scalar) — parent interface.

Example with comments in the text of the file:

# Configuration example for ECSS-10
# In case when each host is connected to the switches by a dedicated link
# Switches are organized into in erps ring
# netplan for ecss1 
network:
    version: 2 # Version
    renderer: networkd # systemd
    ethernets: # Configuring network interfaces
        enp1s0f0: # Interface name. May be different
            dhcp4: no # Disabling configuration via dhcp
            dhcp6: no # Disabling configuration via dhcp v6
        enp1s0f1:
            dhcp4: no
            dhcp6: no

    bonds: # Linking physical interfaces into bonds for fault tolerance
        bond1: # Bond name
            interfaces: # Listing the interfaces that are included in this bond
                - enp1s0f0
                - enp1s0f1
            link-local: [] # Disables link-local addresses
            accept-ra: no # Do not respond to Router Advertisements messages
            parameters: # Aggregation parameters
                mode: active-backup # Recommended mode for links connected to switches in the ERPS ring
                primary: enp1s0f0 # Main interface
                mii-monitor-interval: 100ms # Sets the monitoring interval of the mii interface
                up-delay: 100ms
                down-delay: 200ms
                lacp-rate: fast
            optional: false # No waiting for the interface to be raised when the system boots

    vlans: # Configuring vlan
        bond1.2:    # Name of the interface, how it will be defined in the system
            id: 2   # vlan tag
            link: bond1 # On which interface the tag will be added
            link-local:
                - ipv4
            accept-ra: no
            addresses:
                - 192.168.2.21/24 # Addresses
        bond1.3:
            id: 3 # mgm internal vlan 3
            link: bond1
            addresses:
                - 192.168.1.21/24
            gateway4: 192.168.1.203 # Default gateway
            nameservers: # DNS server addresses
                addresses:
                    - 192.168.1.203
        bond1.476:
            id: 476 # mgm techology net vlan 476
            link: bond1
            addresses:
                - 10.16.33.21/24
            routes: # Routing 
                - to: 10.16.0.0/16
                  via: 10.16.33.254 # Gateway address to this subnet
                  on-link: true # Determines that the specified routes are directly connected to the interface
                - to: 10.136.16.0/24
                  via: 10.16.33.254
                  on-link: true