Skip to main content
> Equinix Deploy

Combining Hybrid and Layer 2 Networking Modes

This example configuration uses two servers, one in Hybrid Bonded mode and one in Layer 2 Unbonded mode, and one VLAN. The servers are first configured to talk to each other over the VLAN, and then configured to so that Internet access is provided to the server in Layer 2 mode through the Hybrid Bonded mode server and VLAN.

Attaching the Servers to the VLAN

Attach the VLAN (with ID 1001) to bond0 on the server in Hybrid Bonded mode.

Screenshot of Adding a VLAN to Hybrid Bonded Server

Attach the same VLAN (with ID 1001) to eth1 on the server in Layer 2 Unbonded mode.

Screenshot of Adding a VLAN to Layer 2 Unbonded Server

Configure the Hybrid Bonded Mode Server

SSH into and configure the Hybrid Bonded mode server.

First, enable VLAN support.

modprobe 8021q
echo "8021q" >> /etc/modules

Choose an IP address to assign the server from whichever subnet you choose. For example, 192.168.2.0/24. Since Hybrid Bonded mode does not support untagged VLAN traffic, add and configure a subinterface of bond0.

ip link add link bond0 name bond0.1001 type vlan id 1001
ip addr add 192.168.2.1/24 dev bond0.1001

Bring up the subinterface, and check that it came up.

ip link set dev bond0.1001 up
ip -d link show bond0.1001

Configure the Layer 2 Unbonded Server

SSH into and configure the Layer 2 Unbonded mode server.

Remember, this node is in pure Layer 2 networking mode; there is no public connectivity to this server and you will have to use SOS/OOB console to connect. If you get locked out, you can always change the networking mode back to Layer 3, or hybrid mode and SSH back in via the public IPv4 address.

Note

In our recent Ubuntu images, the interfaces are no longer aliased to eth1 and eth0. In this example eth1 in the console corresponds to enp1s0f1 in Ubuntu.

Configure VLAN support and remove eth1 from the bonded interface.

modprobe 8021q
echo "8021q" >> /etc/module

ip link set enp1s0f1 nomaster

Since this is Hybrid Unbonded mode, you can also remove the default route from the old IP address and remove the bonded interface entirely.

ip route delete default via <old_IP>
ip link delete dev bond0

Assign a VLAN IP address from the same subnet as the Hybrid Bonded mode server. Since this is the only VLAN attached to this server currently, the traffic has to be untagged, so configure the eth1 interface directly.

ip addr add 192.168.2.2/24 dev enp1s0f1

Bring up the interface, and check that it is back up.

ip link set dev enp1s0f1 up
ip -d link show enp1s0f1

Also, in preparation for enabling Internet access for this server, add a route from the IP address of the Hybrid Bonded mode server. Set it as the default route.

ip route add 192.168.2.0/24 via 192.168.2.1 dev enp1s0f1
ip route add default via 192.168.2.1 dev enp1s0f1

Configure IP Forwarding

At this point your Hybrid Bonded mode server and your Layer 2 Unbonded mode server node can talk to each other, but the Layer 2 server cannot reach the Internet. To give it Internet access you must configure IP masquerading on the Hybrid Bonded mode server.

Make sure IP forwarding is enabled on the Hybrid mode server.

sysctl net.ipv4.ip_forward=1

Now add a new IP masquerade rule to the NAT table with iptables. This routes traffic from any of the private IPs through the Internet-facing network interface on the Hybrid mode server, in this case, bond0.

iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o bond0 -j MASQUERADE

Now if you SSH into your Layer 2 mode server, it should be able to ping the outside Internet.

Copied code to clipboard