Overview

Packet's new Layer 2 feature lets you provision between one and twelve project-specific layer 2 networks within a project.  For more details about the basics of this feature, please read our overview article.

Common Use Cases

Over time, this feature may evolve to support security, provisioning updates, and other use cases.   While there are other possibilities, we have outlined steps to achieve three technical scenarios below:

  • Leaving eth0 in bond0 and adding a single VLAN to eth1.
  • Leaving eth0 on bond0 and adding (trunking) multiple VLANs to eth1.
  • Disabling bond0, putting eth0 to a single VLAN that has an internet gateway, and putting eth1 in a different, private VLAN. ***Currently Disabled

Please Note: For the purposes of this documentation, we are using eth0/eth1 to represent the first and second NIC. The actual interface name will depend on what operating system and hardware config you are using.

Bonding on Packet

By default, each server has two interfaces that are setup in an LACP bond that is configured both in the Host OS and on the switch:

Steps for Common Configurations

Configuration #1: Leaving eth0 in bond0 and adding a single VLAN to eth1.

In this example, you will need at least 2 servers (m1.xlarge or c1.xlarge) in the same project and at least 1 Virtual Network. We will be removing eth1 from bond0 and attaching a VLAN to it and pinging between the hosts.

You will still be able to connect to the server via its public IPv4/IPv6 addresses that are visible in the portal/API because we are leaving eth0 and bond0 intact.

  1. From the portal, browse to both servers and click "Remove From Bond" next to eth1
  2. Again from the device page for both servers, choose the Virtual Network ID (VNID, or VLAN ID) from the dropdown and click "Add VNID". The VNIDs must be the same for both servers for intra-host communication to work.
  3. From your Host OS, follow the following steps depending on your operating system:

CentOS:

Remove eth1 from bond0:

echo "-eth1" > /sys/class/net/bond0/bonding/slaves

Configure /etc/sysconfig/network-scripts/ifcfg-eth1 on each server, changing the IPADDR field to the desired IP and network. Ensure the IP addresses are different on each host, but belong to the same network.

DEVICE=eth1
ONBOOT=yes
HWADDR=e4:1d:2d:11:22:33
IPADDR=192.168.1.2
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BOOTPROTO=none

Bring down/up the interface:

sudo ifdown eth1
sudo ifup eth1

Ubuntu:

Remove eth1 from bond0:

sudo echo "-eth1" > /sys/class/net/bond0/bonding/slaves

Configure /etc/network/interfaces on each server, changing the IP address to the desired IP from your chosen block:

auto eth1
iface eth1 inet static
    address 192.168.1.3
    netmask 255.255.255.0

Bring down/up the interface:

sudo ifdown eth1
sudo ifup eth1

You should now be able to communicate between hosts via your virtual Layer 2 network:

root@layer2:~# ping -I eth1 192.168.1.3
PING 192.168.1.3 (192.168.1.3) from 192.168.1.4 eth1: 56(84) bytes of data.
64 bytes from 192.168.1.3: icmp_seq=1 ttl=64 time=0.106 ms
64 bytes from 192.168.1.3: icmp_seq=2 ttl=64 time=0.110 ms
64 bytes from 192.168.1.3: icmp_seq=3 ttl=64 time=0.115 ms
^C
--- 192.168.1.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.106/0.110/0.115/0.009 ms

Please Note: It is not recommended to use the subnet starting with 10.x.x.x as we use this for server's private networking and collisions could occur if you used the same private addressing as was configured on your host.

C #2: Leaving eth0 in bond0 and adding multiple VLANs to eth1.

In this case, we will be keeping the same configuration for eth0, except we will be assigning a second VLAN to eth1.

In this scenario, IP packets that arrive at the host will have the VLAN ID populated. You will need to setup two interfaces that will receive packets destined for each VLAN.

CentOS

Install the prerequisites for VLANs:

sudo modprobe 8021q
sudo echo "8021q" >> /etc/modules

Configure /etc/sysconfig/network-scripts/ifcfg-eth1.1000 and Configure /etc/sysconfig/network-scripts/ifcfg-eth1.1001 on your server. 1000 and 1001 should match the VLANs you've configured on the host in the portal/API.

DEVICE=eth1.1000
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.1.2
PREFIX=24
NETWORK=192.168.1.0
VLAN=yes

Ubuntu

Install the prerequisites for VLANs:

sudo apt-get install vlan
sudo modprobe 8021q
sudo echo "8021q" >> /etc/modules

Add the new interface to /etc/network/interfaces, changing 1000 to match the VLAN IDs:

auto eth1.1000
iface eth1.1000 inet dhcp
    vlan-raw-device eth1

auto eth1.1001
iface eth1.1001 inet dhcp
    vlan-raw-device eth1

Restart networking, or ifup eth1.1000 and eth1.1001:

sudo ifup eth1.1000
sudo ifup eth1.1001

***Currently Disabled

C #3: Using eth0 with a publicly-connected VLAN and eth1 on a private VLAN.

Create two Virtual Networks - one with public connectivity ("To The Internet"), and one without ("backend network"). Configure eth0/eth1 on a server to look like this from the portal.

Keep in mind that disabling bonding will remove public connectivity from your server and you will have to use SOS to connect. If you get locked out, you can always re-enable and SSH back in via the public IPv4 address.

While connected to SOS, configure eth1 as you would from Configuration #1.

Please Note: Packet uses the first IP address of the internet gateway to provide the VLAN with internet connectivity. The first free IP is the second usable IP. For instance, if you have the 147.75.111.136/29 subnet:

147.95.121.136/29 network:
147.95.121.137 - Packet-assigned gateway
147.95.121.138 - free
147.95.121.139 - free
147.95.121.140 - free
147.95.121.141 - free
147.95.121.142 - free

CentOS

Tear down the bond0 interface (this will remove public connectivity until a public IP from the internet gateway pool is assigned:

sudo ifdown bond0

Configure /etc/sysconfig/network-scripts/ifcfg-eth0 with any free IP from the IPv4 internet gateway block. Ensure that the netmask, network, and gateway details are correct:

DEVICE=eth0
ONBOOT=yes
HWADDR=e4:1d:2d:11:22:32
IPADDR=147.95.121.138
NETMASK=255.255.255.248
GATEWAY=147.95.121.137
NETWORK=147.95.121.136
BOOTPROTO=none

Bring up eth0:

sudo ifup eth0

Ubuntu

Tear down the bond0 interface (this will remove public connectivity until a public IP from the internet gateway pool is assigned:

sudo ifdown bond0

Configure /etc/network/interfaces with any free IP from the IPv4 internet gateway block. Ensure that the netmask, network, and gateway details are correct:

auto eth0
iface eth0 inet static
    address 147.95.121.139
    netmask 255.255.255.248
    gateway 147.95.121.137

Bring up eth0:

sudo ifup eth0

You should now be able to reach the internet:

root@layer-2:~# curl http://httpbin.org/ip
{
  "origin": "147.95.121.138"
}

Looking for More Help?

You can always reach out to us via email, live chat or return to our home page.

Did this answer your question?