Skip to content

Hybrid Unbonded Mode

In Hybrid Unbonded mode one network interface is removed from the Layer 3 bond and placed in Layer 2 mode. VLANs can then be attached to this interface for Layer 2 connectivity while preserving the Layer 3 connectivity, so the server can still be accessed via the public IP.

Hybrid Unbonded Diagram

Although this is desirable in some situations, it introduces a single point of failure either on the upstream switch or the network interface. An outage, maintenance event, or reboot on either one of the switches will cause network interruptions.

If you have high-availability concerns, the Hybrid Bonded mode supports both Layer 2 and Layer 3 while maintaining the highly available “bonded” networking interface that spans 2 diverse upstream switches. However, Hybrid Bonded mode is only available in Equinix IBX locations. If you are in the legacy Equinix Metal data centers, then you will be limited to using Hybrid Unbonded mode.

Converting to Hybrid Unbonded Mode

Hybrid Unbonded mode removes the eth1 interface from the LACP bond, allowing you to add Layer 2 VLANs to eth1 while preserving the elastic IPs assigned to the bonded Layer 3 interface.

In order to use Hybrid Unbonded mode, you must first change your networking configuration to Hybrid mode. In the console, navigate to the server's Network page, click Convert To Other Network Type, select Hybrid, and choose Unbonded. Click Convert to Hybrid Networking to make the changes.

Converting to Hybrid Unbonded mode options panel

Then attach a VLAN. From the server's Network page, click Add New VLAN. Choose eth1 as the interface and select the Virtual Network ID (VNID, or VLAN ID) you wish to use.

Adding a VLAN to eth1

First, you will need to remove eth1 from the bond. Send a POST request to the /ports/{id}/disbond endpoint.

You have to specify the port ID of eth1 in the path, and it needs to be the UUID for that port as returned by the /devices/{id} endpoint.

Set the bulk_disable field to false in the body of the request.

curl -X POST -H "Content-Type: application/json" -H "X-Auth-Token: <API_TOKEN>" "https://api.equinix.com/metal/v1/ports/{id}/disbond" -d '{"bulk_disable": false}'

Then, you need to attach your VLAN to eth1. Send a POST request to the /ports/{id}/assign endpoint.

You have to specify the port ID of eth1, and it needs to be the UUID for that port as returned by the /devices/{id} endpoint.

The ID of the VLAN is sent in the body of the request, and it can be either the VLAN's UUID as returned by the /projects/{id}/virtual-networks endpoint or the vxlan ID that is in the console.

curl -X POST -H "Content-Type: application/json" -H "X-Auth-Token: <API_TOKEN>" "https://api.equinix.com/metal/v1/ports/{id}/assign" -d '{"vnid": "1173"}'

Configuring Your Servers

Once you have converted the server to Hybrid Unbonded mode and attached the VLAN, you will need to configure the networking on the server's operating system to use the VLAN now attached eth1. The procedure varies slightly by operating system.

There are two example configurations, the first example is a configuration for attaching a single VLAN to eth1, the second example is for attaching multiple VLANs to eth1.

Attaching a Single VLAN

If only one VLAN is enabled on a port, packets are untagged. This means that the server's network configuration does not need to be VLAN-aware.

  1. Make sure eth1 has been removed from bond0:

    cat /sys/class/net/bond0/bonding/slaves
    

    If it hasn't been removed, remove it:

    echo "-eth1" > /sys/class/net/bond0/bonding/slaves
    

  2. Bring down the eth1 interface:

    sudo ifdown eth1
    
  3. Configure /etc/sysconfig/network-scripts/ifcfg-eth1 on each of the servers, changing the IPADDR field to the desired IP and network. Ensure the IP addresses are different on each server that you are attaching to the same VLAN. For example,

    DEVICE=eth1
    ONBOOT=yes
    HWADDR=e4:1d:2d:11:22:33
    IPADDR=192.168.1.2
    NETMASK=255.255.255.0
    NETWORK=192.168.1.0
    BOOTPROTO=none
    
  4. Bring up the interface:

    sudo ifup eth1
    
  1. Make sure eth1 has been removed from bond0:

    cat /sys/class/net/bond0/bonding/slaves
    

    If it hasn't been removed, remove it:

    echo "-eth1" > /sys/class/net/bond0/bonding/slaves
    

  2. Bring down the eth1 interface:

    sudo ifdown eth1
    
  3. Configure /etc/network/interfaces on each server, changing the IP address to the desired IP from your chosen block. For example,

    auto eth1
    iface eth1 inet static
        address 192.168.1.2
        netmask 255.255.255.0
    
  4. Bring up the interface:

    sudo ifup eth1
    

Attaching Multiple VLANs

In this scenario, IP packets that arrive at the host will have the VLAN ID populated. You will need to setup two interfaces that will receive packets destined for each VLAN.

Note: If you need support for untagged packets, you can set a native VLAN for this port, since it is not part of a bond. More information is on the Setting a Native VLAN page.

  1. Install the prerequisites for VLANs:

    sudo modprobe 8021q
    sudo echo "8021q" >> /etc/modules
    
  2. Bring down eth1:

    ifdown eth1
    
  3. Configure /etc/sysconfig/network-scripts/ifcfg-eth1.1000 and /etc/sysconfig/network-scripts/ifcfg-eth1.1001 on your server. 1000 and 1001 should match the VLANs you've configured on the host in the portal or API. For example,

    DEVICE=eth1.1000
    BOOTPROTO=none
    ONBOOT=yes
    IPADDR=192.168.1.2
    PREFIX=24
    NETWORK=192.168.1.0
    VLAN=yes
    
  4. Restart networking:

    sudo ifup eth1.1000
    sudo ifup eth1.1001
    
  1. Install the prerequisites for VLANs:

    sudo apt-get install vlan
    sudo modprobe 8021q
    sudo echo "8021q" >> /etc/modules
    
  2. Bring down eth1:

    ifdown eth1
    

    Note: if you don't want eth1 to come up after a reboot be sure to comment out the eth1 configuration in your /etc/network/interfaces file.

  3. Add the new interface to /etc/network/interfaces. 1000 and 1001 should match the VLANs you've configured on the host in the portal/API. For example,

    auto eth1.1000
    iface eth1.1000 inet static
        address 192.168.100.1
        netmask 255.255.255.0
        vlan-raw-device eth1
    
    auto eth1.1001
    iface eth1.1001 inet static
        address 172.16.100.1
        netmask 255.255.255.0
        vlan-raw-device eth1
    
  4. Restart networking:

    sudo ifup eth1.1000
    sudo ifup eth1.1001
    

Testing the VLAN Connection

You should now be able to communicate between hosts via your virtual Layer 2 network:

root@layer2:~# ping -I eth1 192.168.1.2
PING 192.168.1.3 (192.168.1.3) from 192.168.1.4 eth1: 56(84) bytes of data.
64 bytes from 192.168.1.3: icmp\_seq=1 ttl=64 time=0.106 ms
64 bytes from 192.168.1.3: icmp\_seq=2 ttl=64 time=0.110 ms
64 bytes from 192.168.1.3: icmp\_seq=3 ttl=64 time=0.115 ms
^C
--- 192.168.1.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.106/0.110/0.115/0.009 ms

Please Note: It is not recommended to use the subnet starting with 10.x.x.x as we use this for the server's private networking and collisions could occur if you used the same private addressing as was configured on your host.

Converting Back to Layer 3

If you want to go back to the default Layer 3 mode, you must first remove any attached VLANs, and then can you convert back the Layer 3 mode.

To detach a VLAN in the console, navigate to the server's Network page. In the Layer 2 section, click Remove next to the VLAN you are detaching from the server. Confirm that you wish to remove it by clicking Yes.

Removing a VLAN

Note that detaching the VLAN from this server does NOT delete it from your project. The VLAN will continue to exist after detaching it from the server.

Then, to convert back to Layer 3, click Convert To Other Network Type, select Layer 3. Click Convert to Layer 3 to start the process.

Converting back to Layer 3 Panel

To detach a VLAN from a port, sent a POST request to the /ports/{id}/unassign endpoint.

You have to specify the port ID of eth1 in the path, and it needs to be the UUID for that port as returned by the /devices/{id} endpoint. The ID of the VLAN is sent in the body of the request, and it can be either the VLAN's UUID as returned by the /projects/{id}/virtual-networks endpoint or the vxlan ID that is in the console.

curl -X POST -H "Content-Type: application/json" -H "X-Auth-Token: <API_TOKEN>" "https://api.equinix.com/metal/v1/ports/{id}/unassign" -d '{"vnid": "1173"}'

Then, you return the port to the Layer 3 bond. Send a POST request to the /ports/{id}/bond endpoint.

You have to specify the port ID of eth1, and it needs to be the UUID for that port as returned by the /devices/{id} endpoint.

curl -X POST -H "Content-Type: application/json" -H "X-Auth-Token: <API_TOKEN>" "https://api.equinix.com/metal/v1/ports/{id}/bond" -d '{"bulk_disable": false}'