Debian - How to create VLAN interface

VLAN (virtual local area network) is very useful concept as you can easily separate device management from users by using appropriate network devices and configuration. I will describe here in a form of a short note how to create VLAN interface using Debian system.

Preparations

Install user mode programs to enable VLANs on your ethernet devices:

$ sudo apt-get install vlan

Load 8021q module (IEEE 802.1Q):

$ sudo modprobe 8021q

Add the above-mentioned 8021q kernel module to the /etc/modules configuration file to load it at the boot time.

$ echo 8021q | sudo tee -a /etc/modules

Verify /etc/modules file contents.

$ cat /etc/modules
# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
# Parameters can be specified after the module name.

loop
8021q

Temporary solution

Create VLAN 700 on the eth0 device:

$ sudo vconfig add eth0 700
Added VLAN with VID == 700 to IF -:eth0:-

Set IP address (10.100.10.77 netmask 255.255.255.0 in this example):

$ sudo ifconfig eth0.700 10.100.10.77/24

Created interface is named as eth0.700:

$ sudo ifconfig -a
eth0      Link encap:Ethernet  HWaddr 84:8f:69:b0:fa:0a  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:49 

eth0.700  Link encap:Ethernet  HWaddr 84:8f:69:b0:fa:0a  
          inet addr:10.100.10.77  Bcast:10.100.10.255  Mask:255.255.255.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:11 errors:0 dropped:0 overruns:0 frame:0
          TX packets:53 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:884 (884.0 B)  TX bytes:3158 (3.0 KiB)

Now you can access other hosts available in VLAN 700:

$ ping -c 1 10.100.10.1
PING 10.100.10.1 (10.100.10.1) 56(84) bytes of data.
64 bytes from 10.100.10.1: icmp_req=1 ttl=64 time=1.28 ms

--- 10.100.10.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.282/1.282/1.282/0.000 ms

To remove VLAN 700 from the eth0 interface execute command:

$ sudo vconfig rem eth0.700
Removed VLAN -:eth0.700:-

Permanent solution

To create VLAN at the boot time you need to get familiar with /etc/network/interfaces configuration file (man interfaces, man vlan-interfaces).

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp

To create VLAN 700 on the eth0 interface at the boot time just add similar configuration:

# add vlan 700 on eth0 - static IP address
auto eth0.700
iface eth0.700 inet static
 address 10.100.10.77
 netmask 255.255.255.0

There is also alternative way to name vlan interfaces, it is rarely used, but useful in some cases (like vserver virtualization).

$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
#allow-hotplug eth0
#iface eth0 inet dhcp
auto eth0
iface eth0 inet static
  address 192.168.0.5
  netmask 255.255.255.0
  gateway 192.168.0.254

auto vlan119
iface vlan119 inet static
  vlan-raw-device eth0
  address 192.168.119.5
  netmask 255.255.255.0

auto vlan101
iface vlan101 inet static
  vlan-raw-device eth0
  address 10.250.101.5
  netmask 255.255.255.0
Milosz Galazka's Picture

About Milosz Galazka

Milosz is a Linux Foundation Certified Engineer working for a successful Polish company as a system administrator and a long time supporter of Free Software Foundation and Debian operating system. He is also open for new opportunities and challenges.

Gdansk, Poland https://sleeplessbeastie.eu