Red Hat Bugzilla – Full Text Bug Listing
|Summary:||feature request: add 802.1q vlan tagging to anaconda|
|Product:||Red Hat Enterprise Linux 5||Reporter:||Michele Newman <mnewman>|
|Component:||anaconda||Assignee:||Radek Vykydal <rvykydal>|
|Status:||CLOSED ERRATA||QA Contact:||Alexander Todorov <atodorov>|
|Version:||5.3||CC:||agospoda, atodorov, borgan, cstlaure, ddumas, emcnabb, ndevos, riek, tao, xiaohm|
|Target Milestone:||rc||Keywords:||FutureFeature, Triaged|
|Fixed In Version:||Doc Type:||Enhancement|
|Doc Text:||Story Points:||---|
|Last Closed:||2009-01-20 16:37:24 EST||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Michele Newman 2008-02-07 15:10:50 EST
My customer wants to install systems across vlans for security reasons. It would be great to add a kickstart network command option like "--vlanid=123". Example: network --device eth0 --bootproto static --ip 10.42.10.10 --netmask 255.255.255.0 --gateway 10.42.10.1 --nameserver 10.42.10.100 --hostname server1.example.com --vlanid=100 Additional info: Previous request: BZ: #184922, IT: #85144
Comment 1 Andy Gospodarek 2008-03-17 10:09:35 EDT
I think the change to anaconda would be as simple as something like this?? diff --git a/loader2/module-info b/loader2/module-info index 9381c5f..8cbc7ba 100644 --- a/loader2/module-info +++ b/loader2/module-info @@ -75,6 +75,10 @@ Version 0 eth "3Com 3c590/3c595/3c90x/3cx980" +8021q + eth + "802.1q VLAN device driver" + 82596 eth "Apricot 82596" but we also have to consider that
Comment 2 Andy Gospodarek 2008-03-18 16:22:34 EDT
...vconfig will need to be in the initrd if it is not already. Those two plus the appropriate initscripts stuff should make using vlans in kickstart possible.
Comment 3 Joel Andres Granados 2008-04-18 08:32:41 EDT
Why is this not possible currently? I have this running on my environment. My local setup consists in a PXE running in vlan 500 and have the tree and the images (vmlinuz and initrd.img) in another vlan. I load the images using nfs and access the tree through http. If you don't like the PXE idea, you can have a cd based installation that points to a ks and tree in another vlan.
Comment 4 Michele Newman 2008-04-23 12:44:29 EDT
I need to have the client that is being installed be able to add vlan tagging to its own network settings. Right now the 8021q module is not available in the anaconda install environment, but the vconfig cmd is there. I just need the module added to the initrd. I don't want to create a custom initrd since I am using sat serv to provision my systems. Right now I have to build my systems on a completely different network (i.e. moving a network cable back and forth) which is just a band-aid right now. In doing this I also have to do some fudging with network settings to register properly with the sat serv because of the vlan issue.
Comment 5 Chris Lumens 2008-08-18 11:22:12 EDT
Yeah, the vconfig program is there as provided by busybox. We can add the 8021q.ko module to the initrd, but that will not give you the ability to specify a vlanid as an argument to the kickstart network command. In order to do that, we'd have to patch both pykickstart and anaconda, and that amount of work should probably first happen in Fedora for development, then be ported to RHEL. If this is just a request to include the module, I am okay with ACKing it at this relatively late stage in the 5.3 cycle. However if it includes real new development, we should wait until 5.4 and see if we can get some work done in Fedora for it first.
Comment 7 Andy Gospodarek 2008-08-22 16:38:40 EDT
The dot1q module and vconfig need to at least get added for 5.3. This gives those that install via kickstart the chance to use vlans. I'd like to see anaconda actually be able to set the vlan to use for a network install as well, but if that can't make it for 5.3, that's fine.
Comment 8 Denise Dumas 2008-09-10 13:11:12 EDT
Per Michelle: I have had two customer's: NGA and FBI who use vlans heavily and it would be extremely convenient as a GPS consultant to have that ability to kickstart from one Satellite over many VLAN's. But we would also need to get the Satellite people on board with this also since that sort of option would need to be added to the Satellite Kickstart Options. On October 8th I am meeting with Todd Warner and Chris Wells to talk about future Satellite features and I will bring up VLAN and probably bonding in that meeting. In the Government sector network separation is common practice and kickstarting across vlans would definitely give our product an boost in the ease of use category. If there is a way to get any VLAN ability in 5.3 and then add full features in Fedora > RHEL 6 (i.e. Satellite and "network --vlanid=blah idea" in ks) then thats fine. Any sort of VLAN functionality in ks soon would be highly appreciated, and I know my two customers would be very grateful. Per Andy: Our larger (number of entitlement not size of company) customers probably care more about pxeboot and other automated installation and provisioning tools, so I see anaconda as a lower priority for RHEL5, but a nice feature for Fedora and RHEL6. Bonding too. Our plan: Add the dot1q module and vconfig to initd for 5.3, so at least kickstart users can use vlans. That's all for RHEL 5 stream. Then look at the business case and see about Fedora (where the anaconda network code has changed drastically) in time for RHEL6.
Comment 9 Andy Gospodarek 2008-09-10 13:47:22 EDT
Just for the record, I'm not sure satellite needs to know about VLANs for this to be a useful feature. There are all sorts of network configurations that would be used where the satellite server would not use VLANs on the interface, but the installer would need to use a VLANS to access certain resources.
Comment 11 Radek Vykydal 2008-09-11 12:00:39 EDT
Patch applied - module added. Will be included in 184.108.40.206.
Comment 14 Alexander Todorov 2008-11-12 07:38:16 EST
Listing the contents of initrd.img files under pxeboot directory from the install tree doesn't show 8021q.ko is included. This is for both ia64 and x86_64. Unless somebody proves me wrong I think this FAILS_QA.
Comment 15 Alexander Todorov 2008-11-12 09:36:41 EST
Ignore comment #14, bad test. VERIFIED that initrd.img from the install tree for snap #2 contains the 8021q.ko module.
Comment 17 errata-xmlrpc 2009-01-20 16:37:24 EST
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-0164.html
Comment 21 Tom 2013-01-21 11:25:56 EST
Can you post the changset related to this change here? Thanks.