UNIX Networking: Multiple VLANs on One Interface

Tech Articles
Welcome page
Usually, a Linux server will only use one VLAN. Sometimes, a Linux server will use more than one VLAN, with a dedicated network interface for each. This article describes how more than one VLAN can be accessed on one interface.
Introduction
In order for a Linux server to support more than one VLAN on one network interface, both and OS and networking configuration is needed.

Network Configuration

Ethernet Interfaces on the network side can be configured as access ports or trunk ports.

An access port:
  • Can carry traffic for only one VLAN
  • Can only have one VLAN configured on the interface
  • Most UNIX Systems Administrators are familiar with access ports

A trunk port:
  • Can carry traffic for two or more VLANs
  • Can only have two or more VLANs configured on the interface

The traffic on a trunk port must use VLAN tagging defined in IEEE 802.1Q. This adds a 32-bit field immediately after the Source Address (which is a MAC address). This tag indicates which VLAN the frame and packet belong.

IEEE 802.1Q defines the Multiple VLAN Registration Protocol, an OSI layer 2 protocol, which allows bridges to negotiate the set of VLANs to be used over a specific link.


OS Configuration in /etc/sysconfig/network-scripts/

The VLAN interface can be configured in /etc/sysconfig/network-scripts/ifcfg-ethX where X is the parent interface followed by a . character and then the VLAN id. If you are configuring eth1 to connect to vlan 193 with the network being 193.168.1.0 and the IP address 193.168.1.1 then the file should be called:
ifcfg-eth1.193

And the contents should be:
DEVICE=eth1.193
BOOTPROTO=none
ONBOOT=yes
IPADDR=193.168.1.1
PREFIX=24
NETWORK=193.168.1.0
VLAN=yes

If you wish to test the setting ahead of time before changing the configuration files, use this command:

ip link add link eth1 name eth1.193 type vlan id 193

Note: for this to survive a reboot, edit the VLAN interface configuration file in /etc/sysconfig/network-scripts/ as described above.


Tech Articles
Welcome page