Enabling Secondary IPs and/or VLANs on the WAN interface

MetalSoft supports configuring secondary IPs and VLANs on the WAN interface. This enables complex setups such as the one pictured below (as an example) where the primary IP is a private (non-routable IP) and a secondary IP is configured on a VLAN interface that is bridged to the primary interface.

Note that this is only supported on certain switch vendors (such as Cumulus 4.x+) and certain provisioners (such as the VLAN provisioner). The untagged traffic is handled by the default VLAN (automatically allocated by MetalSoft in this case) whereas the secondary VLAN is allowed by the switch port configuration.

../_images/enabling_secondary_ips_and_vlans_on_the_wan_interface_01.svg

To enable this scenario follow the following:

  1. From the Admin panel, in the Subnets section click Add subnet pool button. Register a Subnet Pool that will be used to allocate IPs on primary or secondary interfaces. Make sure to set the Infrastructure Allocation option to Manual.

../_images/enabling_secondary_ips_and_vlans_on_the_wan_interface_01.png

  1. From the Infrastructure Editor, select the InstanceArray, click the Advanced tab and configure the desired primary and secondary IP configuration.
  • A setting (on either the primary IP or secondary IPs) of Subnet Pool: Automatic will instruct the system to use IPs from Subnets created from Subnet Pools that are marked as Infrastructure Allocation: Automatic (the default)”
  • A setting of Use custom VLAN: disabled will instruct the system to use the automatically allocated VLAN from the range configured in the Datacenter’s ToRWANVLANRange option (defaults to 100-399 for VLAN provisioner).
  • A setting other than Default on the VLAN for the primary IPs will also instruct the system to configure the switch port to map all UNTAGGED traffic to the respective switch-side VLAN.
  • A setting other than Default on the VLAN for the secondary IPs will also instruct the system to configure the switch port to allow traffic TAGGED with the respective VLAN.

../_images/enabling_secondary_ips_and_vlans_on_the_wan_interface_02.png

Note that this does not automatically configure the server side interface. The template must be configured to perform this setup. The {{wan_interface_ipv4_vlan_id_INDEX}} variable can be used to in the template to retrieve the VLAN id of the respective interface.