Was sind vLANs?

vLANs sind virtuelle Netze innerhalb von Netzen oder Switches. Damit können z.B. Ports an Switches gruppiert und der Verkehr zwischen den Unterschiedlichen Gruppen getrennt werden. Ebenso kann man Quality of Service Definitionen zum Priorisieren von Diensten erstellen.

vLANs unter Ubuntu/Debian

Vorbereitungen

zuerst muss das entsprechende Paket installiert werden

sudo apt install vlan

anschliesend das Modul laden

sudo modprobe 8021q

evtl. in /etc/modules eintragen

Interface Definitionen

Port basierend: vlan<vlan id>
Tag basierend:  eth<port #>.<vlan id>

Konfiguration via /etc/network/interfaces

Port basierend

auto vlan1
iface vlan1 inet static
 address 10.0.0.1
 netmask 255.255.255.0
 vlan_raw_device eth0

Tag basierend

auto eth0
iface eth0 inet static
   address 172.30.88.100
   netmask 255.255.255.0
     
auto eth0.2
iface eth0.2 inet static
   address 172.30.232.100
   netmask 255.255.255.0
   vlan-raw-device eth0

Vlan Infos

cat /proc/net/vlan/config

VLAN Dev name	 | VLAN ID
Name-Type: VLAN_NAME_TYPE_PLUS_VID_NO_PAD
enp2s0.2       | 2  | enp2s0
vlan2          | 2  | enp3s0

Beispiele

Tabelle: vlan device | vlan id | eth device

vi /etc/network/interfaces

# Standard loopback Interface
auto lo
iface lo inet loopback

# Interface ohne vLAN
auto eth0
iface eth0 inet static
	address 192.168.249.100
	netmask 255.255.240.0
	network 192.168.240.0
	broadcast 192.168.255.255
	gateway 192.168.240.100
	# dns-* options are implemented by the resolvconf package, if installed
	dns-nameservers 192.168.240.21
	dns-search alpha.quadrant

# Virtuelle Interfaces

auto eth0:1
iface eth0:1 inet static
        address 172.23.241.111
        netmask 255.255.255.0

auto eth0:2
iface eth0:2 inet static
        address 172.23.242.111
        netmask 255.255.255.0

auto eth0:3
iface eth0:3 inet static
        address 192.168.33.111
        netmask 255.255.255.0

# Tag basierende vLANs

## eth1 und eth2 in vLAN 1

iface eth1 inet static
	post-up vconfig add eth1 1
	pre-down vconfig rem eth1.1
iface eth1.1 inet static
	address 172.30.232.100
	netmask 255.255.255.0
auto eth1.1
auto eth1

iface eth2 inet static
	post-up vconfig add eth2 1
	pre-down vconfig rem eth2.1
iface eth2.1 inet static
	address 172.30.232.101
	netmask 255.255.255.0
auto eth2.1
auto eth2

## eth3 und eth4 in vLAN 2

iface eth3 inet static
	post-up vconfig add eth3 2
	pre-down vconfig rem eth3.2
iface eth3.2 inet static
	address 172.30.243.100
	netmask 255.255.255.0
auto eth3.2
auto eth3

iface eth4 inet static
	post-up vconfig add eth4 2
	pre-down vconfig rem eth4.2
iface eth4.2 inet static
	address 172.30.243.101
	netmask 255.255.255.0
auto eth4.2
auto eth4

## eth5 in vLAN 1 und 2

iface eth5 inet static
	post-up vconfig add eth5 1
	pre-down vconfig rem eth5.1
	post-up vconfig add eth5 2
	pre-down vconfig rem eth5.2
iface eth5.1 inet static
	address 172.30.232.102
	netmask 255.255.255.0
iface eth5.2 inet static
	address 172.30.243.102
	netmask 255.255.255.0
auto eth5.1
auto eth5.2
auto eth5

# Port basierende vLANs

## eth6 als vLAN 6

auto vlan6
iface vlan6 inet static
	address 172.30.244.100
	netmask 255.255.255.0
	mtu 1500
	vlan_raw_device eth6

## eth7 als vLAN 7 und 8

auto vlan7
iface vlan7 inet static
	address 172.30.245.100
	netmask 255.255.255.0
	mtu 1500
	vlan_raw_device eth7

auto vlan8
iface vlan8 inet static
	address 172.30.246.100
	netmask 255.255.255.0
	vlan_raw_device eth7

Vlans und virtuelles Bridging

/etc/network/interfaces

auto eth0.10
iface eth0.10 inet manual
        vlan-raw-device eth0


auto eth0.20
iface eth0.20 inet manual
        vlan-raw-device eth0



auto br-vlan10
iface br-vlan10 inet manual
        bridge_ports eth0.10
        bridge_stp on
        bridge_maxwait 10


auto br-vlan20
iface br-vlan20 inet manual
        bridge_ports eth0.20
        bridge_stp on
        bridge_maxwait 10

Vlan Linux

Inhaltsverzeichnis