Hi,
Just unpacked my AS-608T. Purchased based on positive reviews and the overall specs would match my needs.
Like it supports VLANs, it supports interface trunking.
What was said nowhere is that you can only define ONE VLAN per interface. The 608 has two Network Cards, I have 4 VLANs to serve...
So far, the VLAN support is useless: why use VLANs on a network port to present just one VLAN? Just set the port in access mode and you're done.
I wish to set the two LAN interfaces in Link Aggregation mode (I have HP switches that supports 802.1ad), then define multiple VLANs in the bond (and I tested, even when aggregated, you can only set one VLAN ID).
How can I do that? I don't mind having to ssh into the box and do it from command line, I really need multiple VLANs per interfaces (either 4 VLANs on the bond, or two VLANs per interface).
Help!
Thanks a lot.
JP
Multiple VLAN support?
Moderator: Lillian.W@AST
-
JPtheJP
- Posts: 10
- youtube meble na wymiar Warszawa
- Joined: Wed Feb 12, 2014 4:02 am
-
ho66es
- Posts: 476
- Joined: Wed Mar 13, 2013 5:38 am
Re: Multiple VLAN support?
you could try (it may break your nas)
# /sbin/vconfig add bond0 234
# ifconfig bond0.234 192.168.2.30 broadcast 192.168.2.255 netmask 255.255.255.0
using 234 as vlan and bond0 as your lag
I have not tried this but read it in a similar post on qnap forum, this is not persistant to my knowledge and also may break your network if it fails some how
# /sbin/vconfig add bond0 234
# ifconfig bond0.234 192.168.2.30 broadcast 192.168.2.255 netmask 255.255.255.0
using 234 as vlan and bond0 as your lag
I have not tried this but read it in a similar post on qnap forum, this is not persistant to my knowledge and also may break your network if it fails some how
608t
-
JPtheJP
- Posts: 10
- Joined: Wed Feb 12, 2014 4:02 am
Re: Multiple VLAN support?
Thank you! Thank you so much!
It does work, indeed. I was looking for ethX.vlanid configuration files, as it used to be. Forgot those new VLAN enabled kernels can simply be managed from vconfig. I will go to bed less stupid tonight
Tested not on the bond, but on eth1 (so I still can manage from eth0 if I break eth1).
eth1 is set through the Web UI to use VLAN 13, as we can see interface eth1.13 present with valid IP:
root@AS-608T:/ # ip addr
(removing non-eth1 interfaces to ease reading)
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq qlen 1000
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
11: eth1.13@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.130.7/24 brd 192.168.130.255 scope global eth1.13
inet6 fe80:
48ff:fe89:d8e0/64 scope link
valid_lft forever preferred_lft forever
Now as per your recommendations, I did add the VLAN interface for my test VLAN 1000 to eth1:
root@AS-608T:/ # /sbin/vconfig add eth1 1000
We check the result:
root@AS-608T:/ # ip addr
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq qlen 1000
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
11: eth1.13@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.130.7/24 brd 192.168.130.255 scope global eth1.13
inet6 fe80:48ff:fe89:d8e0/64 scope link
valid_lft forever preferred_lft forever
12: eth1.1000@eth1: <BROADCAST,MULTICAST> mtu 9000 qdisc noop
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
Success, we have an eth1.1000 interface! Set an IP:
root@AS-608T:/ # ifconfig eth1.1000 192.168.33.8 broadcast 192.168.33.255 netmask 255.255.255.0
We check the result:
root@AS-608T:/ # ip addr
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq qlen 1000
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
11: eth1.13@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.130.7/24 brd 192.168.130.255 scope global eth1.13
inet6 fe80:48ff:fe89:d8e0/64 scope link
valid_lft forever preferred_lft forever
12: eth1.1000@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.33.8/24 brd 192.168.33.255 scope global eth1.1000
inet6 fe80:48ff:fe89:d8e0/64 scope link
valid_lft forever preferred_lft forever
From there, I can access the management interface and my shares
I will re-create the link aggregation & test with the aggregate.
I have to sort out the MTU size on the different VLANs, see what happens after a reboot or Web UI configuration change. Once I get a working solution from cold boot, I will post what I found.
Thanks again!
It does work, indeed. I was looking for ethX.vlanid configuration files, as it used to be. Forgot those new VLAN enabled kernels can simply be managed from vconfig. I will go to bed less stupid tonight
Tested not on the bond, but on eth1 (so I still can manage from eth0 if I break eth1).
eth1 is set through the Web UI to use VLAN 13, as we can see interface eth1.13 present with valid IP:
root@AS-608T:/ # ip addr
(removing non-eth1 interfaces to ease reading)
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq qlen 1000
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
11: eth1.13@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.130.7/24 brd 192.168.130.255 scope global eth1.13
inet6 fe80:
48ff:fe89:d8e0/64 scope link valid_lft forever preferred_lft forever
Now as per your recommendations, I did add the VLAN interface for my test VLAN 1000 to eth1:
root@AS-608T:/ # /sbin/vconfig add eth1 1000
We check the result:
root@AS-608T:/ # ip addr
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq qlen 1000
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
11: eth1.13@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.130.7/24 brd 192.168.130.255 scope global eth1.13
inet6 fe80:
48ff:fe89:d8e0/64 scope link valid_lft forever preferred_lft forever
12: eth1.1000@eth1: <BROADCAST,MULTICAST> mtu 9000 qdisc noop
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
Success, we have an eth1.1000 interface! Set an IP:
root@AS-608T:/ # ifconfig eth1.1000 192.168.33.8 broadcast 192.168.33.255 netmask 255.255.255.0
We check the result:
root@AS-608T:/ # ip addr
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq qlen 1000
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
11: eth1.13@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.130.7/24 brd 192.168.130.255 scope global eth1.13
inet6 fe80:
48ff:fe89:d8e0/64 scope link valid_lft forever preferred_lft forever
12: eth1.1000@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue
link/ether 10:bf:48:89:d8:e0 brd ff:ff:ff:ff:ff:ff
inet 192.168.33.8/24 brd 192.168.33.255 scope global eth1.1000
inet6 fe80:
48ff:fe89:d8e0/64 scope link valid_lft forever preferred_lft forever
From there, I can access the management interface and my shares
I will re-create the link aggregation & test with the aggregate.
I have to sort out the MTU size on the different VLANs, see what happens after a reboot or Web UI configuration change. Once I get a working solution from cold boot, I will post what I found.
Thanks again!
-
ho66es
- Posts: 476
- Joined: Wed Mar 13, 2013 5:38 am
Re: Multiple VLAN support?
Glad to help, if it is non persistent, you could just write a bash script to execute on boot there are details elsewhere on forum.
Then write it up nicely and throw in in tips & tricks (thats the bit I always forget heheheh )
there are details elsewhere on forum. Then write it up nicely and throw in in tips & tricks (thats the bit I always forget heheheh )
608t
-
JPtheJP
- Posts: 10
- Joined: Wed Feb 12, 2014 4:02 am
Re: Multiple VLAN support?
I have the bond configured, and found one issue that escaped me with a single interface (but I cross checked, it also happens with multiple VLANs on a single interface).
When you create the second VLAN, it breaks NFS (which my ESX Servers really would not like). You have to stop the NFS service, then restart it once the interface is added and it all comes back. I have NOT checked Windows shares nor any other services as I need NFS deadly for now and not the rest, but it might as well break other services.
I have to script that:
nfs stop
add VLAN interface
set IP address parameters & MTU
nfs start.
If it all ends up as a nice startup script, I would have nothing to do
When you create the second VLAN, it breaks NFS (which my ESX Servers really would not like). You have to stop the NFS service, then restart it once the interface is added and it all comes back. I have NOT checked Windows shares nor any other services as I need NFS deadly for now and not the rest, but it might as well break other services.
I have to script that:
nfs stop
add VLAN interface
set IP address parameters & MTU
nfs start.
If it all ends up as a nice startup script, I would have nothing to do
-
JPtheJP
- Posts: 10
- Joined: Wed Feb 12, 2014 4:02 am
Re: Multiple VLAN support?
I have to correct this post for two reasons.
First, I got an answer from Asustor Technical Support:
Thank you for contacting with us!
We had deliver your request to our developer team,
but I'm sorry to inform you that currently we have no plans to support multiple VLAN in near future.
To support multiple VLAN, we need some time to evaluate the effort and possibility to do so.
And we also need to consider all service and apps with multiple VLAN since a server like NAS needs comprehensive rules to make sure every session is been transferred to correct VLAN tag and interface.
We also compared with other vendors and found they support only one VLAN with one NIC in the meantime.
Please feel free to let us know if there's anything else we could help,
sorry to cause your inconvenience and thank you for your understanding!
Best Regards,
Elsa Lau
It really sounds bad. I mean when you sell a product "specifically designed to provide small to medium sized businesses with reliable and efficient shared storage" that is "VMware, Citrix and Hyper-V ready" it means business might want to use it as storage unit for Virtual Machines as well as file server.
And Virtualization 101 states your Storage Network should be isolated, and totally separated from your, well, Network network (where your PC is, your Internet Access, printers...) while using redundant connections. Link Aggregation provides redundancy, but then you can only talk to one network, or one VLAN. Or you forget redundancy, and plug one interface for Storage and one for Networking (which I would not do).
I let you judge "the competition does not do it, so we don't either and where is your problem" attitude. The AS-608T suffers from wanting to be too many things at once. It is a great solution if it fits within your needs; I am not saying it suffers from poor performances or should be avoided. I can get consistent 120MB/s write access (4 x WD Red 3TB in RAID10) from an ESXi server.
But it really feels as a high-end home / home office NAS than a Business ready one. I do not really care about applications or HDMI out, but I do care about VLAN support for file sharing (FTP, NFS, Windows, Mac, rsync, Web...) i.e. the core services of that NAS. I have a business use for it.
So I know this is not going to be (officially) fixed for a long time. And I have to try...
Which brings me to my second point: I did reset my unit, and re-did my configuration from zero.
I did create a 802.11ad link aggregate from LAN1 + LAN2. I did setup my storage VLAN and Storage IP on the AS-608T from the Web Interface and used the AS-608T's IP address as Default Gateway (as my Storage Network is isolated, has no Internet connection). Then I go the Services options and turn off ALL services but ssh (that I need to add an extra VLAN - on my system - I had ssh, NFS rsync & Windows File Sharing enabled).
Now from an ssh session as root, I do add my extra VLAN for my "regular PCs" on bond0 (the Link Aggregation - /sbin/vconfig add bond0 10), set an IP address to it ( ifconfig bond0.10 192.168.10.7 broadcast 192.168.10.255 netmask 255.255.255.0 up). Now go back to the Services option in the Web Interface and re-enable rSync, Windows file sharing & NFS file sharing.
It looks like I have a stable configuration for the moment. I'll keep updating the thread.
JP
First, I got an answer from Asustor Technical Support:
Thank you for contacting with us!
We had deliver your request to our developer team,
but I'm sorry to inform you that currently we have no plans to support multiple VLAN in near future.
To support multiple VLAN, we need some time to evaluate the effort and possibility to do so.
And we also need to consider all service and apps with multiple VLAN since a server like NAS needs comprehensive rules to make sure every session is been transferred to correct VLAN tag and interface.
We also compared with other vendors and found they support only one VLAN with one NIC in the meantime.
Please feel free to let us know if there's anything else we could help,
sorry to cause your inconvenience and thank you for your understanding!
Best Regards,
Elsa Lau
It really sounds bad. I mean when you sell a product "specifically designed to provide small to medium sized businesses with reliable and efficient shared storage" that is "VMware, Citrix and Hyper-V ready" it means business might want to use it as storage unit for Virtual Machines as well as file server.
And Virtualization 101 states your Storage Network should be isolated, and totally separated from your, well, Network network (where your PC is, your Internet Access, printers...) while using redundant connections. Link Aggregation provides redundancy, but then you can only talk to one network, or one VLAN. Or you forget redundancy, and plug one interface for Storage and one for Networking (which I would not do).
I let you judge "the competition does not do it, so we don't either and where is your problem" attitude. The AS-608T suffers from wanting to be too many things at once. It is a great solution if it fits within your needs; I am not saying it suffers from poor performances or should be avoided. I can get consistent 120MB/s write access (4 x WD Red 3TB in RAID10) from an ESXi server.
But it really feels as a high-end home / home office NAS than a Business ready one. I do not really care about applications or HDMI out, but I do care about VLAN support for file sharing (FTP, NFS, Windows, Mac, rsync, Web...) i.e. the core services of that NAS. I have a business use for it.
So I know this is not going to be (officially) fixed for a long time. And I have to try...
Which brings me to my second point: I did reset my unit, and re-did my configuration from zero.
I did create a 802.11ad link aggregate from LAN1 + LAN2. I did setup my storage VLAN and Storage IP on the AS-608T from the Web Interface and used the AS-608T's IP address as Default Gateway (as my Storage Network is isolated, has no Internet connection). Then I go the Services options and turn off ALL services but ssh (that I need to add an extra VLAN - on my system - I had ssh, NFS rsync & Windows File Sharing enabled).
Now from an ssh session as root, I do add my extra VLAN for my "regular PCs" on bond0 (the Link Aggregation - /sbin/vconfig add bond0 10), set an IP address to it ( ifconfig bond0.10 192.168.10.7 broadcast 192.168.10.255 netmask 255.255.255.0 up). Now go back to the Services option in the Web Interface and re-enable rSync, Windows file sharing & NFS file sharing.
It looks like I have a stable configuration for the moment. I'll keep updating the thread.
JP
-
JPtheJP
- Posts: 10
- Joined: Wed Feb 12, 2014 4:02 am
Re: Multiple VLAN support?
Hi,
Answered to support with further input on the value of multiple VLANs in a VM / virtual environment got me another answer:
"Thanks so much for the kind feedback and the very informative insights on the usage environment. We have studied the requirement in detail and can understand the benefits of having such setting. We will for sure highlight this requirement to our product development team again!!!
Regards,
Shawn Shu"
So we just have to cross our fingers and wait
Meantime, I did some performance testing on my AS-608T with Link Aggregation and two VLAN defined (as described in previous post) and got nice ~120MB/s write throughput. I did push 8 simultaneous copies from two separate hosts toward the NAS and had no issues with it, pushing over 2TB of data total. So far I can only see that having two VLANs does not affect performance nor stability under load. I have rebooted my AS-608T and re-did the VLAN config as per above post and it is back working as expected.
I will now let the box run for a couple of weeks to see if I get memory leaks or degrading performances over time.
So far so good. Got a bad start, now start to see this is a real nice unit with multiple VLANs I need.
JP
Answered to support with further input on the value of multiple VLANs in a VM / virtual environment got me another answer:
"Thanks so much for the kind feedback and the very informative insights on the usage environment. We have studied the requirement in detail and can understand the benefits of having such setting. We will for sure highlight this requirement to our product development team again!!!
Regards,
Shawn Shu"
So we just have to cross our fingers and wait
Meantime, I did some performance testing on my AS-608T with Link Aggregation and two VLAN defined (as described in previous post) and got nice ~120MB/s write throughput. I did push 8 simultaneous copies from two separate hosts toward the NAS and had no issues with it, pushing over 2TB of data total. So far I can only see that having two VLANs does not affect performance nor stability under load. I have rebooted my AS-608T and re-did the VLAN config as per above post and it is back working as expected.
I will now let the box run for a couple of weeks to see if I get memory leaks or degrading performances over time.
So far so good. Got a bad start, now start to see this is a real nice unit with multiple VLANs I need.
JP