Debian - How to create VLAN interface

VLAN (virtual local area network) is very useful concept as you can easily separate device management from users by using appropriate network devices and configuration. I will describe here in a form of a short note how to create VLAN interface using Debian system.

Preparations

Install user mode programs to enable VLANs on your ethernet devices:

$ sudo apt-get install vlan

Load 8021q module (IEEE 802.1Q):

$ sudo modprobe 8021q

Add the above-mentioned 8021q kernel module to the /etc/modules configuration file to load it at the boot time.

$ echo 8021q | sudo tee -a /etc/modules

Verify /etc/modules file contents.

$ cat /etc/modules
# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
# Parameters can be specified after the module name.

loop
8021q

Temporary solution

Create VLAN 700 on the eth0 device:

$ sudo vconfig add eth0 700
Added VLAN with VID == 700 to IF -:eth0:-

Set IP address (10.100.10.77 netmask 255.255.255.0 in this example):

$ sudo ifconfig eth0.700 10.100.10.77/24

Created interface is named as eth0.700:

$ sudo ifconfig -a
eth0      Link encap:Ethernet  HWaddr 84:8f:69:b0:fa:0a  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:49 

eth0.700  Link encap:Ethernet  HWaddr 84:8f:69:b0:fa:0a  
          inet addr:10.100.10.77  Bcast:10.100.10.255  Mask:255.255.255.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:11 errors:0 dropped:0 overruns:0 frame:0
          TX packets:53 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:884 (884.0 B)  TX bytes:3158 (3.0 KiB)

Now you can access other hosts available in VLAN 700:

$ ping -c 1 10.100.10.1
PING 10.100.10.1 (10.100.10.1) 56(84) bytes of data.
64 bytes from 10.100.10.1: icmp_req=1 ttl=64 time=1.28 ms

--- 10.100.10.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.282/1.282/1.282/0.000 ms

To remove VLAN 700 from the eth0 interface execute command:

$ sudo vconfig rem eth0.700
Removed VLAN -:eth0.700:-

Permanent solution

To create VLAN at the boot time you need to get familiar with /etc/network/interfaces configuration file (man interfaces, man vlan-interfaces).

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp

To create VLAN 700 on the eth0 interface at the boot time just add similar configuration:

# add vlan 700 on eth0 - static IP address
auto eth0.700
iface eth0.700 inet static
 address 10.100.10.77
 netmask 255.255.255.0
Milosz Galazka's Picture

About Milosz Galazka

Milosz is a Linux Foundation Certified Engineer working for a successful Polish company as a system administrator and a long time supporter of Free Software Foundation and Debian operating system.

Gdansk, Poland https://sleeplessbeastie.eu