How To Configure Netplan Network? – LAB Examples


Ever since Ubuntu changed its network configuration utility to netplan from the traditional configuration, many of them got so upset. Some of them are very annoyed that they even entirely removed the netplan and installed ifupdown back into the system.

So is Ubuntu Netplan going to stay ?, if yes shouldn’t we learn how to configure them on our Ubuntu machine ?

The answer to both the questions is Yes; after researching the netplan, it looks like it’s going to stay.

Now the option that we have is to either install the ifupdown, which you never know how long it would be available or accept the change and learn the netplan configuration.

If you are ready to accept the change then let’s get started.

The Ubuntu netplan uses a script called Yaml (Yet Another Markup Language) to generate it’s network configurations.

And the network interfaces and configurations can be defined as a separate blocks in it.

In this blog, we would look at netplan examples with which we could create a network in Ubuntu 18.04 or above.

Note: The configuration below are tested and verified working in my lab environment running Ubuntu 19.04, so in case if you are facing issue with configuration please do let me know in the comments section.
Most of the labs I am using with Ubuntu 19.04, but these steps are still relevant for version 18.04
and above.

Before you do anything make sure you take the backup of the existing configuration

Follow the below steps to take the backup in the same /etc/netplan directory
sudo cp /etc/netplan/01-network-manager-all.yaml /etc/netplan/01-network-manager-all.yaml.bak

or

sudo cp /etc/netplan/50-cloud-init.yaml /etc/netplan/50-cloud-init.yaml.bak
  1. How to configure DHCP using netplan
  2. How do I set a static IP on netplan?
  3. How to Set DNS Server in netplan?.
  4. Ubuntu configure multiple static IP.
  5. How to add second ip address ubuntu?
  6. How to configure the bond using netplan?
  7. How to create Bond interface with VLAN tagged?
  8. How to tag multiple VLAN’s in a Bond using netplan?
  9. How do I tag VLAN on Ubuntu using Netplan?.
  10. How to configure static route using netplan?
  11. How to create a bridge interface in ubuntu?

If you are using WiFi and wanted to configure the netplan on your Ubuntu machine, then you may click here, I have covered complete article there for WiFi.

How to configure dhcp using netplan?

By default you don’t have to create or modify anything in netplan if you are planning to use DHCP, the Ubuntu machine will have an IP address configured automatically via DHCP out of the box. And this is how netplan config looks like from the Ubuntu server.

[email protected]:~$ cat /etc/netplan/50-cloud-init.yaml
# This file is generated from information provided by
# the datasource.  Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    ethernets:
        ens33:
            dhcp4: true
    version: 2
[email protected]:~$ 

If the dhcp4 is marked as false in your Ubuntu server, then you may change to true to start getting the IP address dynamically.

What if you are Ubuntu desktop user, then it would look like below.

[email protected]:~$ cat /etc/netplan/01-network-manager-all.yaml 
# Let NetworkManager manage all devices on this system
network:
  version: 2
  renderer: NetworkManager
[email protected]:~$ 

What are the differences you could spot between these two ?

There is a renderer mentioned in the Ubuntu Desktop but not on the server.

Although DHCP enabled on both of them, Ubuntu server has the value dhcp4: true, but not on the Desktop.

Also the yaml file name is different.

As you can see the yaml configuration changed from cloud-init to network manager, sometimes the configuration would look like 01-netcfg.yaml

It may be even different in your machine as well, so make sure you are editing the correct file.

How do I set a static IP on netplan?

The issue starts when you want to configure netplan static IP on an interface. However, configuring static IP on Ubuntu using netplan is not so difficult. Let’s look at how we can configure a single static IP using netplan.

Here is the basic topology that we are going to use.

ubuntu netplan static ip configuration

The above diagram is a common example if you connect a server to a network, or even at home, you are using a Ubuntu box that requires you to have a static configuration.

Step 1. Get the physical interface name.

You have to type ip addr command to get the physical interface names to edit the yaml file. I have typed the same and my interface name is eno2.

[email protected]:~/Desktop$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 04:d4:c4:e3:88:2d brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.71/24 brd 192.168.0.255 scope global noprefixroute eno2
       valid_lft forever preferred_lft forever

Step 2. Edit the Netplan configuration.

Edit the netplan configuration file by typing the command below

sudo nano /etc/netplan/01-network-manager-all.yaml

By default you would have the following values.

network:
        version: 2
        renderer: NetworkManager
  • As we can see in the diagram we should assign an IP address 192.168.0.100/24 to the host. Hence add the addresses and gateways according to the diagram.
network-manager-all.yaml                                                                                      
network:
        version: 2
        renderer: NetworkManager
        ethernets:
             eno2:
              dhcp4: no
              addresses: [192.168.0.100/24]
              gateway4: 192.168.0.1
              nameservers:
                search: [local]
                addresses: [4.2.2.2, 8.8.8.8]

Step 3. Apply the config.

Apply the configuration changes you just made by entering sudo netplan apply

Step 4. Validate the change.

Type the command ip addr to confirm the change. As you can see you got the new IP address as we defined.

2: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 04:d4:c4:e3:88:2d brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.100/24 brd 192.168.0.255 scope global noprefixroute eno2
       valid_lft forever preferred_lft forever
    inet6 fd01::88a6:fd02:464:8530/64 scope global temporary dynamic 
       valid_lft 163sec preferred_lft 163sec
    inet6 fd01::f972:645c:8325:1c0f/64 scope global dynamic mngtmpaddr noprefixroute 
       valid_lft 163sec preferred_lft 163sec
    inet6 fe80::c425:4e18:1808:52bb/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

Step 5. Verify the connectivity.

Lets ping the gateway of the host and see if we are able to ping the IP address 192.168.0.1

[email protected]:~$ ping -c 4 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=255 time=9.35 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=255 time=7.18 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=255 time=3.50 ms
64 bytes from 192.168.0.1: icmp_seq=4 ttl=255 time=3.62 ms
--- 192.168.0.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 3.506/5.916/9.352/2.473 ms

Also, try to ping the google address to make sure that the internet is working fine as well.

netplan static ip setup

well, we are able to ping the gateway IP as well as the google address successfully and everything is up and running.

How to Set DNS Server in netplan?

In the previous step, did you notice last line which says name servers ?

That is nothing but the DNS entries.

If you just configure the static IP address alone without DNS, you will not be able to access the internet. So you need to make sure that you also defined the DNS servers.

If otherwise you are trying to access the internet with just IP addresses 🙂

Lets see what happens if you remove the nameservers.

Step 1. DNS lookup using NSLOOKUP.

I just removed the name server configuration from the netplan configuration, If you try to access google.com now, you would get no response as we have not defined the DNS configuration on Ubuntu.

Let’s quickly check the DNS resolution by doing nslookup.

[email protected]:/etc/netplan$ nslookup www.google.com
 Server:         127.0.0.53
 Address:        127.0.0.53#53
 ** server can't find www.google.com: SERVFAIL
 [email protected]:/etc/netplan$ 

see, the nslookup failed.

To configure the DNS in Ubuntu using netplan, you may go ahead and add the value nameserver, that defines the DNS server IP and search for the domain name.

Step 2. DNS configuration.

Edit the netplan configuration file again and add the values like below.

  • If you don’t have any internal DNS configured you can configure the nameserver like below pointing to public DNS servers.
network-manager-all.yaml                                                                                      
network:
        version: 2
        renderer: NetworkManager
        ethernets:
             eno2:
              dhcp4: no
              addresses: [192.168.0.100/24]
              gateway4: 192.168.0.1
              nameservers:
                search: [local]
                addresses: [4.2.2.2, 8.8.8.8]
  • If you have internal DNS configured then you may change it according to your local network, for example like below.
    As you can see I have netplan domain name as getlabsdone.local. , hence I have added them on the search filed.
 nameservers:
                search: [getlabsdone.local]    
                addresses: [10.1.1.10, 10.1.1.20]

Step 3. Apply the configuration.

I have pointed to the public DNS servers and, lets go ahead and apply the netplan configuration.

sudo netplan apply

Step 4. Verify the DNS configuration.

You can check the DNS name resolution by typing nslookup command again.

As you can see I am getting the DNS query response now, which means DNS configuration is working on the Ubuntu machine.

[email protected]:~$ nslookup www.google.com
 Server:         127.0.0.53
 Address:        127.0.0.53#53
 Non-authoritative answer:
 Name:   www.google.com
 Address: 216.239.32.117
 Name:   www.google.com
 Address: 216.239.36.117
 Name:   www.google.com
 Address: 216.239.38.117
 Name:   www.google.com
 Address: 216.239.34.117
 Name:   www.google.com
 Address: 2404:6800:4007:80e::2004
 [email protected]:~$ 

Ubuntu configure multiple static IP

Configuring the static IP address on multiple interfaces on Ubuntu are identical to how we configured static IP on a single interface, let’s take a look configuring static IP’s on multiple interfaces with Netplan.

I have a Ubuntu machine connected to a network with SIX interfaces ( ens3f0, ens3f1, ens5f0, ens5f1, ens6f0, ens6f1 ), and please note that the name could be different on your machine so making a note of the physical interface is very important. And you can get the physical interface name by typing ip addr in the terminal.

Those SIX interfaces are connected from the switch to the Ubuntu machine as shown below, each having different IP from the same subnet.

Netplan multiple interfaces

Step 1. Edit the Netplan Yaml file.

To edit the yaml file enter the command below.

sudo nano /etc/netplan/50-cloud-init.yaml

Step 2. Configure the IP addresses.

Follow the steps below to configure a physical interface statically.

  • Mention the block ‘ethernets‘
  • Just below that define the physical interface.
  • DHCP is set to false.
  • Mention the Address field for each interfaces.
  • Finally the Gateway4 for all the interfaces.

This is how the configuration look like for a single interface.

ethernets:
        ens3f0:
          dhcp4: no
          addresses: [10.25.101.206/24]
          gateway4: 10.25.101.1

Step 3. Configure all the interfaces

As I mentioned earlier, in my machine I have multiple interfaces and I would have to configure the IP address to all of them, so edit the yaml file in the following sequence.

# Let NetworkManager manage all devices on this system
network:
    version: 2
    renderer: NetworkManager
    ethernets:
        ens3f0:
          dhcp4: no
          addresses: [10.25.101.206/24]
          gateway4: 10.25.101.1
        ens3f1:
          dhcp4: no
          addresses: [10.25.101.207/24]
          gateway4: 10.25.101.1
        ens5f0:
          dhcp4: no
          addresses: [10.25.101.208/24]
          gateway4: 10.25.101.1
        ens5f1:
          dhcp4: no
          addresses: [10.25.101.209/24]
          gateway4: 10.25.101.1
        ens6f0:
          dhcp4: no
          addresses: [10.25.101.210/24]
          gateway4: 10.25.101.1
        ens6f1:
          dhcp4: no
          addresses: [10.25.101.211/24]
          gateway4: 10.25.101.1

Step 4. Apply the configuration.

For this chances to affect, you would have to apply the netplan configuration, to do that enter the below command.

 sudo netplan apply

Step 5. Verification.

  • To verify the configuration, you can type the command ip addr and it should show you the interfaces with its IP addresses. As you can see the IP address has been changed now for all the interfaces.
2: ens6f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether d0:67:26:bb:17:42 brd ff:ff:ff:ff:ff:ff
    inet 10.25.101.210/24 brd 10.25.101.255 scope global noprefixroute ens6f0
       valid_lft forever preferred_lft forever
    inet6 fe80::d267:26ff:febb:1742/64 scope link 
       valid_lft forever preferred_lft forever
3: ens6f1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether d0:67:26:bb:17:43 brd ff:ff:ff:ff:ff:ff
    inet 10.25.101.211/24 brd 10.25.101.255 scope global noprefixroute ens6f1
       valid_lft forever preferred_lft forever
    inet6 fe80::d267:26ff:febb:1743/64 scope link 
       valid_lft forever preferred_lft forever
4: ens5f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether d0:67:26:bb:10:04 brd ff:ff:ff:ff:ff:ff
    inet 10.25.101.208/24 brd 10.25.101.255 scope global noprefixroute ens5f0
       valid_lft forever preferred_lft forever
    inet6 fe80::d267:26ff:febb:1004/64 scope link 
       valid_lft forever preferred_lft forever
5: ens5f1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether d0:67:26:bb:10:05 brd ff:ff:ff:ff:ff:ff
    inet 10.25.101.209/24 brd 10.25.101.255 scope global noprefixroute ens5f1
       valid_lft forever preferred_lft forever
    inet6 fe80::d267:26ff:febb:1005/64 scope link 
       valid_lft forever preferred_lft forever
6: ens3f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether d0:67:26:bb:16:fa brd ff:ff:ff:ff:ff:ff
    inet 10.25.101.206/24 brd 10.25.101.255 scope global noprefixroute ens3f0
       valid_lft forever preferred_lft forever
    inet6 fe80::d267:26ff:febb:16fa/64 scope link 
       valid_lft forever preferred_lft forever
7: ens3f1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether d0:67:26:bb:16:fb brd ff:ff:ff:ff:ff:ff
    inet 10.25.101.207/24 brd 10.25.101.255 scope global noprefixroute ens3f1
       valid_lft forever preferred_lft forever
    inet6 fe80::d267:26ff:febb:16fb/64 scope link 
       valid_lft forever preferred_lft forever
  • We would also need to check the connectivity of the network. To do that, let’s go ahead and initiate the ping from the switch.
[GLD]ping 10.25.101.206
Ping 10.25.101.206 (10.25.101.206): 56 data bytes, press CTRL_C to break
56 bytes from 10.25.101.206: icmp_seq=0 ttl=64 time=1.177 ms
56 bytes from 10.25.101.206: icmp_seq=1 ttl=64 time=0.938 ms
56 bytes from 10.25.101.206: icmp_seq=2 ttl=64 time=0.726 ms
56 bytes from 10.25.101.206: icmp_seq=3 ttl=64 time=0.692 ms
56 bytes from 10.25.101.206: icmp_seq=4 ttl=64 time=0.826 ms
--- Ping statistics for 10.25.101.206 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.692/0.872/1.177/0.175 ms
[GLD]ping 10.25.101.207
Ping 10.25.101.207 (10.25.101.207): 56 data bytes, press CTRL_C to break
56 bytes from 10.25.101.207: icmp_seq=0 ttl=64 time=0.774 ms
56 bytes from 10.25.101.207: icmp_seq=1 ttl=64 time=0.743 ms
56 bytes from 10.25.101.207: icmp_seq=2 ttl=64 time=0.769 ms
56 bytes from 10.25.101.207: icmp_seq=3 ttl=64 time=0.635 ms
56 bytes from 10.25.101.207: icmp_seq=4 ttl=64 time=0.781 ms
--- Ping statistics for 10.25.101.207 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.635/0.740/0.781/0.054 ms
[GLD]ping 10.25.101.208
Ping 10.25.101.208 (10.25.101.208): 56 data bytes, press CTRL_C to break
56 bytes from 10.25.101.208: icmp_seq=0 ttl=64 time=0.970 ms
56 bytes from 10.25.101.208: icmp_seq=1 ttl=64 time=0.821 ms
56 bytes from 10.25.101.208: icmp_seq=2 ttl=64 time=0.737 ms
56 bytes from 10.25.101.208: icmp_seq=3 ttl=64 time=0.832 ms
56 bytes from 10.25.101.208: icmp_seq=4 ttl=64 time=0.930 ms
--- Ping statistics for 10.25.101.208 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.737/0.858/0.970/0.083 ms
[GLD]ping 10.25.101.209
Ping 10.25.101.209 (10.25.101.209): 56 data bytes, press CTRL_C to break
56 bytes from 10.25.101.209: icmp_seq=0 ttl=64 time=0.879 ms
56 bytes from 10.25.101.209: icmp_seq=1 ttl=64 time=0.825 ms
56 bytes from 10.25.101.209: icmp_seq=2 ttl=64 time=0.692 ms
56 bytes from 10.25.101.209: icmp_seq=3 ttl=64 time=0.741 ms
56 bytes from 10.25.101.209: icmp_seq=4 ttl=64 time=0.759 ms
--- Ping statistics for 10.25.101.209 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.692/0.779/0.879/0.066 ms
[GLD]ping 10.25.101.210
Ping 10.25.101.210 (10.25.101.210): 56 data bytes, press CTRL_C to break
56 bytes from 10.25.101.210: icmp_seq=0 ttl=64 time=0.897 ms
56 bytes from 10.25.101.210: icmp_seq=1 ttl=64 time=0.710 ms
56 bytes from 10.25.101.210: icmp_seq=2 ttl=64 time=1.277 ms
56 bytes from 10.25.101.210: icmp_seq=3 ttl=64 time=0.715 ms
56 bytes from 10.25.101.210: icmp_seq=4 ttl=64 time=0.731 ms
--- Ping statistics for 10.25.101.210 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.710/0.866/1.277/0.217 ms
[GLD]ping 10.25.101.211
Ping 10.25.101.211 (10.25.101.211): 56 data bytes, press CTRL_C to break
56 bytes from 10.25.101.211: icmp_seq=0 ttl=64 time=5.480 ms
56 bytes from 10.25.101.211: icmp_seq=1 ttl=64 time=0.821 ms
56 bytes from 10.25.101.211: icmp_seq=2 ttl=64 time=0.798 ms
56 bytes from 10.25.101.211: icmp_seq=3 ttl=64 time=0.730 ms
56 bytes from 10.25.101.211: icmp_seq=4 ttl=64 time=0.759 ms
--- Ping statistics for 10.25.101.211 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.730/1.718/5.480/1.881 ms
[GLD]

All the interfaces are reachable from the switch.
That was pretty easy, wasn’t it, let’s go bit advanced.

How to add second IP address ubuntu?

Sometimes you may want to use two different IP addresses on your ubuntu machine on the same interface, one being the primary and the other being the secondary.
This is also one of the use cases where you wanted to move from a legacy networking subnet to a new one without bringing down the network.

For this, I have Ubuntu machine connected to the network using a single interface and that interface has the default gateway 172.16.1.1 and 10.1.1.1 as a secondary IP. This is what we are going to do.

  • Add the primary address and secondary address 172.16.1.10 and 10.1.1.10.
  • As we cannot add default gateway for two IP addresses, we need to use something called routing.
  • With the help of netplan routing command, you can add two default routes one with lower metric which will be preferred and another with the higher metric. so the machine can out to the internet.

Step 1. Sample configuration.

The configuration looks the same as previous but a new field added as addresses and we have configured secondary address there on the second field.

  1. First we added two IP addresses.
  2. second we added the DNS servers.
  3. Finally the routes command to route the packet to two different network. One with the metric of 10 and other with 100.
enp0s3:
          dhcp4: no
          dhcp6: no
          addresses: [172.16.1.10/24]
          addresses: [10.1.1.10/24]
          nameservers:
                search: [local]
                addresses: [4.2.2.2, 8.8.8.8]
          routes:
             - to: 0.0.0.0/0
               via: 172.16.1.1
               metric: 10
             - to: 0.0.0.0/0
               via: 10.1.1.1
               metric: 100

Step 2. Apply the configuration.

Apply the netplan configuration by typing sudo netplan apply

Step 4. Verification

The IP configuration would look like below. Apart from the primary IP address you can also see the secondary IP address as well.

[email protected]:/etc/netplan$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:a1:14:23 brd ff:ff:ff:ff:ff:ff
    inet 172.16.1.10/24 brd 172.16.1.255 scope global noprefixroute enp0s3
       valid_lft forever preferred_lft forever
    inet 10.1.1.10/24 brd 10.1.1.255 scope global noprefixroute enp0s3
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fea1:1423/64 scope link 
       valid_lft forever preferred_lft forever

Lets ping the newly added IP’s default gateway, as you can se we are able to reach both the gateways.

How about the routing table after adding the secondary IP in netplan ?

You can type the command ip route to see the routing table in ubuntu

As you can see there are two default routes one with the metric 20010 and other with 20100, and the traffic to other network or towards the internet would be via the gateway 172.16.1.1.

You can achieve the same result by keeping the netplan configuration first address with DHCP and second as static as well.

How to configure the bond using netplan?

It’s quite common to see in a network environment that multiple interfaces are connected to the network devices for redundancy.

In the event of one of the link ever goes down, the remaining links would take care of the traffic.

Bonding with LACP on netplan

Bonding is a way to club multiple interfaces as one and get maximum bandwidth. There are multiple protocols that help you create bonding, one among them is the industry standard known as LACP. And we are going to configure bonding using LACP with Netplan on Ubuntu.

If you are from a networking background, the bond interface usually calls it as port channel, bridge aggregation, link aggregation. However, when it comes to the server side we call it bonding or bond interface. In the end the it is the same thing.

Below is what my next lab physical connectivity looks like.

The Ubuntu box connected to a Layer3 switch with the SIX interfaces.

For all those SIX interfaces, I am going to club all of them as Bond0 with an IP address, this interface is an untagged port (access port), and configured with port-channel on the switch side.

Later we will take look at a tagged configuration using a specific VLAN.

Note: Switch configuration not covered here.

netplan bonding example

In /etc/netplan edit the yaml file as below.

Step 1. Group the interface.

First, you need to group all the interfaces as one, since I have the interface name started with ens, I grouped them as ens*. Which basically says any interface start with the name ens.

ethernets:
   eports:
     match: 
       name: ens*

Step 2. Configure the Bond interface.

Then define the bond interface and call the interface group eports that you have just created and configure the IP address on it as well.

bonds:
   bond0:
     interfaces: [eports]
     addresses: [10.1.1.10/24]
     gateway4: 10.1.1.1
     nameservers:
       search: [local]
       addresses: [4.2.2.2]

Step 3. Add the LACP configuration.

After that add the LACP configurations, LACP is the standard bonding protocol.

   parameters:
       mode: 802.3ad
       lacp-rate: fast
       mii-monitor-interval: 100
  • The final netplan configuration would look like below.
network:
 version: 2
 renderer: networkd
 ethernets:
   eports:
     match: 
       name: ens*
 bonds:
   bond0:
     interfaces: [eports]
     addresses: [10.1.1.10/24]
     gateway4: 10.1.1.1
     nameservers:
       search: [local]
       addresses: [4.2.2.2]
     parameters:
       mode: 802.3ad
       lacp-rate: fast
       mii-monitor-interval: 100

Step 4. Apply the configuration.

Save the configuration and apply the configuration that you have just made using the command below.

sudo netplan apply

Step 5. Verification.

  • When you type IP addr, you should now be able to see the physical interface has become SLAVE and it is up now. You can also see, the master is bond0 interface.
2: ens6f0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
    link/ether d0:67:26:bb:16:fb brd ff:ff:ff:ff:ff:ff
3: ens6f1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
    link/ether d0:67:26:bb:16:fb brd ff:ff:ff:ff:ff:ff
4: ens5f0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
    link/ether d0:67:26:bb:16:fb brd ff:ff:ff:ff:ff:ff
5: ens5f1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
    link/ether d0:67:26:bb:16:fb brd ff:ff:ff:ff:ff:ff
6: ens3f0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
    link/ether d0:67:26:bb:16:fb brd ff:ff:ff:ff:ff:ff
7: ens3f1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
    link/ether d0:67:26:bb:16:fb brd ff:ff:ff:ff:ff:ff
  • When we look into the status of Bond0 interface you can see, it has become master and it is up as well, also got an IP address 10.1.1.10, which is good!.
16: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether d0:67:26:bb:16:fb brd ff:ff:ff:ff:ff:ff
    inet 10.1.1.10/24 brd 10.1.1.255 scope global bond0
       valid_lft forever preferred_lft forever
  • Lets ping the default gateway to make sure that the connectivity is okay.
[email protected]:/etc/netplan$ ping -c 4 10.1.1.1
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=255 time=0.729 ms
64 bytes from 10.1.1.1: icmp_seq=2 ttl=255 time=0.644 ms
64 bytes from 10.1.1.1: icmp_seq=3 ttl=255 time=0.627 ms
64 bytes from 10.1.1.1: icmp_seq=4 ttl=255 time=0.907 ms
--- 10.1.1.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3075ms
rtt min/avg/max/mdev = 0.627/0.726/0.907/0.115 ms
[email protected]:/etc/netplan$

Great!, our Bond0 is working as expected.

How to create Bond interface with VLAN tagged?

netplan bond vlan

Sometimes , you may want to carry multiple VLAN on the same bond interfaces, that way you can separate each network into different broadcast domain.

To achieve the VLAN tagging on the interface, you can configure sub interface on the bond. Each sub interface indicate specific VLAN. For example, if wanted to create sub interface for the VLAN 20, the interface name should look like below.

Bond0.20

In this method, we are going to create Bond0 with a subinterface ( Bond0.10) that represents a VLAN tagged interface using netplan VLAN. And bond0 will act as the trunk.

1. Edit the netplan configuration file as below.

cd /etc/netplan/
sudo nano 01-network-manager-all.yaml

2. Group the interfaces.

Like above, group all the interface as one as eports here.

network:
 version: 2
 renderer: networkd
 ethernets:
     eports:
       match:
         name: ens*

3. Create netplan VLAN trunk.

In the netplan YAML file add the bond0 interface under bonds, just below that add the LACP parameters.

bonds:
   bond0:
     interfaces: [eports]
     dhcp4: no
     parameters:
       mode: 802.3ad
       mii-monitor-interval: 100

4. Create bond sub interfaces.

Create a VLAN with the VLAN blocks and name the VLAN as bond0.10.

The ID which represents the VLAN ID as 10, and You should also point the physical interface using the link then the IP addresses parameters.

vlans:
   bond0.10:
     id: 10
     link: bond0
     addresses: [10.1.1.10/24]
     gateway4: 10.1.1.1
     nameservers:
       search: [local]
       addresses: [4.2.2.2]

5. Validate the configuration.

The final netplan configuration would look like below.

network:
 version: 2
 renderer: networkd
 ethernets:
     eports:
       match:
         name: ens*
 bonds:
   bond0:
     interfaces: [eports]
     dhcp4: no
     parameters:
       mode: 802.3ad
       lacp-rate: fast
       mii-monitor-interval: 100
 vlans:
   bond0.10:
     id: 10
     link: bond0
     addresses: [10.1.1.10/24]
     gateway4: 10.1.1.1
     nameservers:
       search: [local]
       addresses: [4.2.2.2]

6. Apply the netplan configuration.

sudo netplan apply

7. Netplan verification.

As you can see the physical interface has become slave and the bond0 become the master. This time no IP address on the bond0

8: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether a6:29:49:0c:2a:db brd ff:ff:ff:ff:ff:ff
    inet6 fe80::a429:49ff:fe0c:2adb/64 scope link 
       valid_lft forever preferred_lft forever
  • All the down below, You can also see the vlan interface as bond0.10 and it’s IP address as well.
9: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether a6:29:49:0c:2a:db brd ff:ff:ff:ff:ff:ff
    inet 10.1.1.10/24 brd 10.1.1.255 scope global bond0.10
       valid_lft forever preferred_lft forever
    inet6 fe80::a429:49ff:fe0c:2adb/64 scope link
  • Lets ping from the switch to the IP of the vlan interface that we have created on ubuntu using netplan.
<GLD>ping 10.1.1.10
Ping 10.1.1.10 (10.1.1.10): 56 data bytes, press CTRL_C to break
56 bytes from 10.1.1.10: icmp_seq=0 ttl=64 time=1.447 ms
56 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=1.544 ms
56 bytes from 10.1.1.10: icmp_seq=2 ttl=64 time=1.842 ms
56 bytes from 10.1.1.10: icmp_seq=3 ttl=64 time=5.763 ms
56 bytes from 10.1.1.10: icmp_seq=4 ttl=64 time=1.542 ms
--- Ping statistics for 10.1.1.10 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.447/2.428/5.763/1.673 ms
<GLD>

Well, that worked just fine and our vlan interface is up and running.

How to tag multiple VLAN’s in a Bond using netplan?

In the last section, we configured trunk interface using netplan but carrying only single VLAN, VLAN 10.

In some scenarios, you might require multiple VLANs to be carried by the same physical link.

So let’s see how we can achieve the same using netplan, here we are going to configure netplan VLAN trunk that carries vlan 10,20 and 30 like below.

Netplan vlan on bond

1. Modify the Netplan configuration.

Last time, we had one VLAN interface, this time I am adding two extra configurations form VLAN 20 and 30.

Just copy and paste the same VLAN10 netplan configuration just below the VLAN 10 configuration and change the VLAN ID and IP address values like below.

network:
 version: 2
 renderer: networkd
 ethernets:
     eports:
       match:
         name: ens*
 bonds:
   bond0:
     interfaces: [eports]
     dhcp4: no
     parameters:
       mode: 802.3ad
       lacp-rate: fast
       mii-monitor-interval: 100
 vlans:
   bond0.10:
     id: 10
     link: bond0
     addresses: [10.1.1.10/24]
     gateway4: 10.1.1.1
     nameservers:
       search: [local]
       addresses: [4.2.2.2]
 vlans:
   bond0.20:
     id: 20
     link: bond0
     addresses: [10.2.2.10/24]
     gateway4: 10.2.2.1
     nameservers:
       search: [local]
       addresses: [4.2.2.2]
 vlans:
   bond0.30:
     id: 30
     link: bond0
     addresses: [10.3.3.10/24]
     gateway4: 10.3.3.1
     nameservers:
       search: [local]
       addresses: [4.2.2.2]

2. Apply the configuration.

apply the configuration by typing sudo netplan apply

3. Verify the configuration.

You can see the extra VLAN interfaces by typing ip addr command in Ubuntu.

VLAN 10

9: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether a6:29:49:0c:2a:db brd ff:ff:ff:ff:ff:ff
    inet 10.1.1.10/24 brd 10.1.1.255 scope global bond0.10
       valid_lft forever preferred_lft forever
    inet6 fe80::a429:49ff:fe0c:2adb/64 scope link 

VLAN 20

15: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether a6:29:49:0c:2a:db brd ff:ff:ff:ff:ff:ff
    inet 10.2.2.10/24 brd 10.2.2.255 scope global bond0.20
       valid_lft forever preferred_lft forever
    inet6 fe80::a429:49ff:fe0c:2adb/64 scope link 
       valid_lft forever preferred_lft forever

VLAN 30

14: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether a6:29:49:0c:2a:db brd ff:ff:ff:ff:ff:ff
    inet 10.3.3.10/24 brd 10.3.3.255 scope global bond0.30
       valid_lft forever preferred_lft forever
    inet6 fe80::a429:49ff:fe0c:2adb/64 scope link 
       valid_lft forever preferred_lft forever
  • Let’s ping these IP address from the switch to see if we are getting any response.
<GLD-SW11>ping 10.1.1.10
Ping 10.1.1.10 (10.1.1.10): 56 data bytes, press CTRL_C to break
56 bytes from 10.1.1.10: icmp_seq=0 ttl=64 time=1.254 ms
56 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=1.280 ms
56 bytes from 10.1.1.10: icmp_seq=2 ttl=64 time=1.254 ms
56 bytes from 10.1.1.10: icmp_seq=3 ttl=64 time=1.099 ms
56 bytes from 10.1.1.10: icmp_seq=4 ttl=64 time=1.173 ms
--- Ping statistics for 10.1.1.10 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.099/1.212/1.280/0.067 ms
<GLD-SW11>ping 10.2.2.10
Ping 10.2.2.10 (10.2.2.10): 56 data bytes, press CTRL_C to break
56 bytes from 10.2.2.10: icmp_seq=0 ttl=64 time=12.675 ms
56 bytes from 10.2.2.10: icmp_seq=1 ttl=64 time=1.466 ms
56 bytes from 10.2.2.10: icmp_seq=2 ttl=64 time=1.392 ms
56 bytes from 10.2.2.10: icmp_seq=3 ttl=64 time=1.057 ms
56 bytes from 10.2.2.10: icmp_seq=4 ttl=64 time=1.107 ms
--- Ping statistics for 10.2.2.10 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.057/3.539/12.675/4.571 ms
<GLD-SW11>ping 10.3.3.10
Ping 10.3.3.10 (10.3.3.10): 56 data bytes, press CTRL_C to break
56 bytes from 10.3.3.10: icmp_seq=0 ttl=64 time=1.507 ms
56 bytes from 10.3.3.10: icmp_seq=1 ttl=64 time=11.961 ms
56 bytes from 10.3.3.10: icmp_seq=2 ttl=64 time=3.114 ms
56 bytes from 10.3.3.10: icmp_seq=3 ttl=64 time=1.139 ms
56 bytes from 10.3.3.10: icmp_seq=4 ttl=64 time=13.636 ms
--- Ping statistics for 10.3.3.10 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.139/6.271/13.636/5.397 ms
<GLD-SW11>

As you can see its working as expected.

Grouping error in netplan

If you ever tried to configure bonding with the Ubuntu desktop using NetworkManager you might have seen the below error when you tried to group the interfaces.

networkmanager definitions do not support name globbing

To resolve this issue you can change the renderer from Network manager to networkd like below. If you apply the netplan now everything should work just fine.

networkmanager definitions do not support name globbing

How do I tag VLAN on Ubuntu using Netplan.

The same way we configured the VLANs on the bond interface, you can configure the same on a single interface as well.

Below is the diagram that I am going to use this time, I have a Ubuntu box on the far right side, which is connected to a switch named sw2. Switch2 is configured with the VLAN and the default gateway is behind the switch 2 on multiple devices on the far left side.

The reason why I am choosing this topology because, we would be configuring routing on a VLAN on the same topology.

netplan vlan interfaces

The SW2 again connected to three different network.

  • SW1 on the left provides the access to the internet and it has the IP address of 10.1.1.1
  • SW3 is providing network access to VLAN 20 and it has two internal networks 10.2.2.0/24 and 192.168.1.0/24.
  • Finally, the SW4 has the VLAN 30 and the network 10.3.3.0/24 and 172.16.1.0/24.

I am using Ubuntu desktop 18.04 installed on a hypervisor. It has got the interface ens3.
To represent VLAN tagged interface, we need to create a sub-interface from the physical interface ens3.

Let’s go ahead and configure the VLAN interfaces from this physical interface.

You can see the representation of the sub interface on the right side.

1. Creation of sub interfaces to represent the VLAN’s

Go to etc/netplan and edit the netplan configuration files to add the VLAN interfaces.

  • First block look like below, where you have the version, renderer and ethernets are defined.
mulitple vlan configuration using netplan

Lets go ahead and add the vlan interfaces one by one.

  • For VLAN 10
configure vlan interface using netplan
  • For VLAN 20
configure vlan interface using netplan
  • For VLAN 30
how to create multiple vlans using netplan
  • The final Configuration would look like below.
mulitple vlan gateways configuration using netplan

2. Apply the configuration.

Apply the configuration with sudo netplan apply command.

3. Verification

We just configured the VLAN interfaces using netplan, to verify the configuration that you just made, Enter the command ip addr

As you can see below both the physical interface as well as VLAN subinterfaces. Awesome!

netplan ubuntu

Ping each VLAN gateways to make sure it is able to talk to the network.

As you can see I am able to ping all the three VLAN gateways from my Ubuntu machine.

netplan vlan interfaces example

Getting an error while applying the configuration?

In the above scenario everything worked just fine, however in some of the scenarios, when you try to create VLAN interfaces using Netplan, it wouldn’t come up.

Everytime when I try to apply the config, it would show the below error message.

Invalid Yaml: inconsistend indentation:

Thats because, you have not applied the configuration properly.

Note : This is a different scenario, not the same example as before. here I am using vlan 100 and 200.

Before the change.

If you look into it there is no column on the vlan interface. lets add that and that should fix the issue.

After the change.

Apply the config, now if you check the IP address configuration, it should reflect the new VLAN IP addresses.

netplan vlan tagging

Let’s also verify by pinging the IP address.

As you can see, all the VLAN’s are working fine.

How to configure static route using netplan in ubuntu?

In the last section, we have created multiple VLAN interfaces in Ubuntu. And we are going to see how we can configure routing on VLAN interfaces using netplan.

And all the VLAN interfaces are working fine and able to ping the default gateways in our previous VLAN tagging configurations.


But if you look closely at the diagram, you should be able to see there is internet access through VLAN10, and to reach 192.168.1.0 you should use VLAN 20, finally for the network 172.16.1.0 to reach you should go via VLAN 30.

However that’s not configured yet!

netplan route via interface

Let’s check IP routing to see how the routing table looks like.

netplan static route via device

As you can see in the screenshot above, the Ubuntu host only knows about its local network, it also thinks that it can reach the internet using all of its links, which is not true.

Note: The default route represents the internet access, which is three right now.

Note: If you are wondering how this default route being added in the routing table. Remember, we have added default gateway for all the VLAN interfaces configuration, that is where it picked up.

  • Having a default route on a single interface network is not a big deal but here it is a problem as we have multiple interfaces and only VLAN 10 provide the internet access. Hence default route should be pointing to only the VLAN 10, not to other interfaces.
  • And if you try to ping 8.8.8.8, which is the internet IP. You get the response but there is some packet loss due to this.
netplan set default route

Okay, I can somehow reach the internet, but what about the other networks ?

Will I be able to reach them as well ?

Neither there are routes for 192.168.1.0/24 via VLAN 20, nor 172.16.1.0/24 via VLAN 30.

As a result, you won’t get a response from those IPs.

netplan routes not working

So lets configure static route where there is multiple gateways.

1. Set the Gateway for the internet.

In the netplan configuration keep the default gateway for VLAN 10 interface as it is.

As you already know the internet access is provided via VLAN 10, check the diagram again.

netplan default route

2. Remove the default gateway.

Since the VLAN 20 and 30 do not provide the internet access, let’s go ahead and remove the default gateway for the VLAN interface 20 and 30.

We also need to add static routes for the network 192.168.1.0/24 and 172.16.1.0/24 hence add them to the VLAN 20 and 30 configuration.

  • VLAN 20
netplan default route
  • VLAN 30
ubuntu netplan static route
  • The final configuration would look like below.
netplan configure static route

3. Apply the configuration sudo netplan apply

4. verify the configuration.

  • To verify the configuration, first lets go ahead and check the ip routing table.
Netplan vlan routes

Well, do you see the deafferents now as compared to the last routing table ?

we now only have a default route pointing to the VLAN 10 interface. which is good!

Apart from the local subnet, we do have remote subnet 192.168.1.0/24 and 172.16.1.0/24 in the routing table via VLAN 20 and 30 respectively as well.

Lets do the ping and verify the connectivity.

Netplan vlan routes

As you can see we are able to reach the internet IP 8.8.8.8 with no packet loss.

And we were not able to ping the remote subnet before but all the network we are able to reach and our routing configuration using netplan is working successfully.

How to create bridge interface in Ubuntu?

Bridge interface in Linux is a virtual switch and you can create multiple bridge interfaces that can connect to the VM’s under Libvirt.

Maybe you can have bridge interface 100 that represents VLAN 100 that can be connected to some of VM’s and bridge interface 200 the represents VLAN 200 for another set of VM’s.

Below is an example, where I have a layer3 switch configured with VLAN gateways for VLAN 100, 200 and 300. The first link ens3 between the switch and the KVM host is a trunk that carrying those VLAN’s and the second interface ens4 is a KVM host management interface.

Let’s go ahead and create the bridge interfaces which later we can use to connect to the VM’s.

The KVM host has two interfaces, ens3 and ens4.

ens4 we will be using it to manage the Ubuntu KVM host and assign an IP address 192.168.1.100 and for the ens3, we would split them to 3 different VLAN’s as 100, 200 and 300 finally create bridge interfaces from the VLAN.

netplan bridge interfaces

1. Install the bridge utilities.

The first step before you configure the bridge interfaces in Ubuntu using netplan is to install the bridge utility program on the Ubuntu.

Enter the below commands to install the bridge utility package.

apt-get install bridge-utils -y

2. Configure the management interface.

lets configure the mangement interface ens4 with an IP address 192.168.1.100

3. Configure the VLAN interfaces.

First I defined the physical interface that I am going to use, in this case ens3. then I have created three layer2 VLAN’s with no IP address.

netplan bridge stp

4. Configure the Bridge interfaces.

First created a bridge block, and defined the bridge interfaces starting from bridge 100, then I pointed to each VLAN interfaces, configured to not use dhcp4 and STP enabled.

netplan bridge interfaces

Final configuration look like below.

netplan bridge stp

5. Apply the configuration.

Apply the netplan configuration using the command sudo netplan apply.

6. Point the VM’s to use the bridge interfaces.

As you can see, I am trying to create a VM1 in KVM, and I am able to see list of bridge interfaces that we have created.

netplan bridge vlan

I have picked up bridge interface 100 for the VM1.

netplan bridge kvm

7. Verification.

Type IP addr to see the interfaces that we have created.

In the VM I have configured the IP address 10.1.1.10/24.

And when I try to ping my default gateway which is on the switch 10.1.1.1 as you can see, I am getting the ping response.

netplan bridge kvm

Which indicates the bridge interface is working fine.

Saifudheen Sidheeq

Saifudheen is in the Computer networking and technology field for about a decade now. He loves technology and new ideas, and in his spare time, he loves to write about them.

Recent Posts