VLAN tagging a Team

Hello, I’m trying to add a VLAN tag to a Team containing two NIC devices. I have the team setup and working with an IP address assigned to it and it works fine. But I can’t get a VLAN tag to work with it. If I leave the IP address assigned to the Team it just misses the VLAN tag off. If I assign the IP address to the VLAN it doesn’t work at all. Can anyone shine some light on it?

Without much information to go off of, you generally need your bond/team interface and then separate vlan interfaces. The vlan intefaces have the IP’s assigned to them. The exception to that is when you have bridging, the bridge interfaces would need the IP’s instead. Going off your question, the assumption is a bridge interface isn’t involved.

nmcli con add type bond con-name lacp0 ifname lacp0 bond.options "mode=802.3ad,miimon=100" ipv4.method disabled ipv6.method disabled ignore

nmcli con add type ethernet con-name ens1 ifname ens1 master lacp0 slave-type bond
nmcli con add type ethernet con-name ens2 ifname ens2 master lacp0 slave-type bond

nmcli con add type vlan ifname lacp0.1000 con-name lacp0.1000 id 1000 dev lacp0 connection.autoconnect yes ip4 10.100.0.100/24 gw4 10.100.0.1 ipv4.dns 10.100.0.1 ipv4.dns-search example.com
nmcli con add type vlan ifname lacp0.1001 con-name lacp0.1001 id 1001 dev lacp0 connection.autoconnect yes ip4 10.100.1.100/24 gw4 10.100.1.1 ipv4.dns 10.100.1.1 ipv4.dns-search example.com

nmcli con up lacp0.1000
nmcli con up lacp0.1001

Thanks, I didn’t explain myself very well.

I only need a single Team/Bond with two interfaces (active/backup), with a Single VLAN tag (eg. VLAN ID 100) applied to whichever is active.

Cheers
Lee

Then you add only one vlan interface with “100”, instead of two (that have “1000” and “1001”).

There are examples in man nmcli-examples too. Note: teamd is deprecated in EL9, so it is better to stay in bond.

Choose the ‘bond.options’ that you do need for the “nmcli con add type bond …

The other end of the bond must have set to send packets that are tagged with 100 and expect packets that are tagged with 100. You are not interested in other packets. Could the other end be configured to send only VLAN 100 traffic, untagged, into the bond?

I’ll give it a try, thanks

Thanks for your help, I’ve got it working :slight_smile: