How to properly configure vlans on an interface in Linux?

campos

1/19/24, 8:36 PM

I want to configure some vlans on an interface of a Linux VM.

The Vlan is already configured on the hypervisor and the port is marked on the switch.

I installed the "vlan" package on Linux Debian 11 and configured the /etc/network/interfaces file:

auto eth0.20
iface eth0.20 inet static
        address 192.168.2.10/24
        gateway 192.168.2.1
        vlan-raw-device eth0

However, after configuration, it was unable to ping the VM to the gateway.

Setup appears to be very simple. Did I forget something?

782

1 + 3

vlan

linux-networking

Nikita Kipriyanov

1/20/24, 5:37 AM

Which hypervisor and how it's configured? Maybe it does all the VLAN tagging and stripping for you and you don't need to make any special configuration in the VM. (That's how most VLAN-aware hypervisors do when you configure VLANs in them.) // Also, you don't need to install additional packages in Debian. VLANs are configured in Linux with the `ip` utility from the standard `iproute2` package.

campos

1/20/24, 3:50 PM

I'm using XCP-NG as a hypervisor, which is a derivative of Xen. I wanted more than one vlan to pass on the same linux vm interface. Example: vlan 20 -> eth0.20, vlan 30 -> eth0.30 ...

Nikita Kipriyanov

1/20/24, 5:35 PM

In principle you did all correct (you may even remove vlan-raw-device since it will be inferred from the vlan device name itself). I suspect your host is not set up properly for VLAN passing to the VM. Unfortunately, I don't have experience with XCP. I did precisely this thing with Proxmox VE, which uses standard Linux bridges that are configured via the Debian interfaces file and it can use vlan-aware bridge, so that was no problem for me. Try capturing thaffic via `tcpdump -e` to see VLAN tags and other Ethernet header information in the output and confirm VM and host agree with tagging.

Score:0

Server

campos

1/20/24, 9:24 PM

Possible solution I thought using XCP-NG:

Mark (tagged/trunk) each vlan on the switch port;
Pass the vlans on the physical interface of the hypervisor;
Configure each vlan as a virtual interface for the Linux vm on the hypervisor;
Configure the new virtual interface on the Linux VM by editing the /etc/network/interfaces file. Example assuming a new interface and network:

auto eth1
iface eth1 inet static
        address 192.168.3.10/24
        gateway 192.168.3.1

This way each vlan in Linux becomes a new interface and no layer 2 configuration in the operating system needs to be done.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to properly configure vlans on an interface in Linux?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.