HQ-RTR:
1.apt-get update && apt-get install -y openvswitch
2.
ip link set dev enp7s2 down
ip addr flush dev enp7s2
mkdir -p /etc/net/ifaces/enp7s2
echo "TYPE=eth" > /etc/net/ifaces/enp7s2/options
echo "BOOTPROTO=static" >> /etc/net/ifaces/enp7s2/options
3.
mkdir /etc/net/ifaces/vlan100
mkdir /etc/net/ifaces/vlan200
mkdir /etc/net/ifaces/vlan999
# Конфигурация vlan100
cat <<EOF > /etc/net/ifaces/vlan100/options
TYPE=ovsport
BRIDGE=HQ-SW
VID=100
BOOTPROTO=static
CONFIG_IPV4=yes
EOF
# Конфигурация vlan200
cat <<EOF > /etc/net/ifaces/vlan200/options
TYPE=ovsport
BRIDGE=HQ-SW
VID=200
BOOTPROTO=static
CONFIG_IPV4=yes
EOF
# Конфигурация vlan999 (управление/прочее)
cat <<EOF > /etc/net/ifaces/vlan999/options
TYPE=ovsport
BRIDGE=HQ-SW
VID=999
BOOTPROTO=static
CONFIG_IPV4=yes
EOF
4.
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
echo "net.ipv4.conf.default.rp_filter = 1" >> /etc/sysctl.conf
sysctl -p
Применение настроек сети
systemctl restart network
Отключение автоматического удаления OVS-мостов (правка конфига etcnet)
systemctl enable --now openvswitch
sed -i "s/OVS_REMOVE=yes/OVS_REMOVE=no/g" /etc/net/ifaces/default/options
ovs-vsctl add-br HQ-SW
ovs-vsctl add-port HQ-SW enp7s2 trunks=100,200,999
ovs-vsctl add-port HQ-SW enp7s3 trunks=100,200,999
ovs-vsctl add-port HQ-SW vlan100 tag=100 -- set Interface vlan100 type=internal
ovs-vsctl add-port HQ-SW vlan200 tag=200 -- set Interface vlan200 type=internal
ovs-vsctl add-port HQ-SW vlan999 tag=999 -- set Interface vlan999 type=internal
ip addr 192.168.100.1/27 dev vlan100
ip link set vlan100 up
ip addr 192.168.200.1/28 dev vlan200
ip link set vlan 200 up
ip addr 192.168.99.1/29 dev vlan999
ip link set vlan999 up
ovs-vsctl show
HQ-SRV:
ping -c3 192.168.100.1