Category: Network

Ubuntu 802.1Q VLAN Tagging

 

802.1Q VLAN trunk encapsulation

Ethernet interfaces can be configured either as access ports or a trunk ports:
Access port – can have only one VLAN configured on the interface; it can carry traffic for only one VLAN.
Trunk port – can have two or more VLANs configured on the interface; it can carry traffic for several VLANs simultaneously.

An Ethernet interface can function as either an access port or a trunk port; it cannot function as both port types simultaneously.

IEEE 802.1Q Encapsulation
In order to correctly deliver the traffic on a trunk port with several VLANs, the device uses the IEEE 802.1Q encapsulation or tagging method.

 

Ubuntu configuration of an interface for multiple VLAN tagging

Example:
A Server requires access to two VLANs.
The Server’s interface eth0 is connected to a switchport that’s trunk.
The assigned IP addresses for the Server are 10.0.20.1/16 on VLAN 20
and 10.0.30.1/16 on VLAN 30

1. Install the vlan package if it is not already present:
$ sudo apt-get install vlan
This provides the command vconfig, which you will not need to invoke directly, but is needed by ifup and ifdown when using VLANs.

2. Add an interface definition for each VLAN in /etc/network/interfaces.
The VLAN interface names must follow a naming conventions supported by vconfig

Naming Convention ethx.y where ethx is the physical interface name and y is the VLAN number.

auto eth0.20
iface eth0.20 inet static
    address 10.0.20.1
    netmask 255.255.0.0

auto eth0.30
iface eth0.30 inet static
    address 10.0.30.1
    netmask 255.255.0.0

3. Bring the Tag Interfaces up

ifup eth0.20
ifup eth0.30

4. Verify

ifconfig eth0.20
eth0.20 Link encap:Ethernet  HWaddr 00:00:10:25:20:17
              inet addr:10.0.20.1  Bcast:10.0.20.255  Mask:255.255.0.0
              UP BROADCAST MULTICAST  MTU:1500 Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              ...

 

Example of Ubuntu VLAN tagging:

ferdy@confignotes:~$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto enp4s0f0
auto enp4s0f0.100
iface enp4s0f0.100 inet static
        address 10.0.100.100
        netmask 255.255.0.0
        gateway 10.0.0.1
        dns-nameservers 8.8.8.8 8.8.4.4

auto enp4s0f0.200
iface enp4s0f0.200 inet static
        address 192.168.200.100
        netmask 255.255.255.0

auto enp4s0f0.300
iface enp4s0f0.300 inet static
        address 192.168.300.100
        netmask 255.255.255.0