How do I configure VLAN under FreeBSD operating system?
A virtual LAN, commonly known as a VLAN, is a group of hosts with a common set of requirements that communicate as if they were attached to the same wire, regardless of their physical location. A VLAN has the same attributes as a physical LAN, but it allows for end stations to be grouped together even if they are not located on the same LAN segment. Network reconfiguration can be done through software instead of physically relocating devices.
FreeBSD VLANs Configuration using ifconfig Command
To create a new VLAN interface, enter:
# ifconfig {vlan-name} create
To associate the VLAN interface with a physical interface and assign a VLAN ID, IP address, and netmask:
# ifconfig {vlan-name} {ip-address} netmask {subnet-mask} vlan {vlan-id} vlandev {physical-interface}
The following examples, all packets will be marked on egress with 802.1Q VLAN tags, specifying a VLAN ID of 5:
# ifconfig vlan5 10.0.0.1 netmask 255.255.255.0 vlan 5 vlandev em0
To remove a VLAN interface, enter:
# ifconfig {vlan-name} destroy
Persistence VLAN Configuration
To make configuration persistence, open /etc/rc.conf:
# vi /etc/rc.conf
Append / modify as follows:
cloned_interfaces="vlan0" ifconfig_vlan0="inet x.x.x.x netmask y.y.y.y vlan 2 vlandev em0"
Fuhrer readings:
- FreeBSD man pages - ifconfig and rc.conf
- FreeBSD VLANs mini howto
You should follow me on twitter here or grab rss feed to keep track of new changes.
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 5 comments… read them below or add one }
Having tried these commands, it appears that what they achieve is to configure a VLAN server connection (if that is an accurate term). I came here hoping to find a shell command set that would let me connect to an existing external VLAN a a client — in other words, the command-line equivalent of defining a “VPN (PPTP)” connection in Internet Connect and connecting to it. Background: I monitor a WISP LAN from off the physical LAN, using a VPN connection to gain access to the LAN IP addresses. I need to have the VPN automatically connected at startup, plus devise a watchdog that will re-establish it when it drops. For that, I need the shell-command equivalent of the “Connect” button in Internet Connect.
Hei Macs R we.
VPN and Vlans are different concepts. VLAN is virtual LAN, or virtual broadcast domains. If you have a switch with some ports on vlan 1 and others on vlan 2 that setup is equivalent to having two physical switches.
VPN is Virtual Private Network, and is a tunneling concept that lets you be in a network through another network. All encrypted so it wont be eavesdropped. To look for vpn configuration on free BSD, search for VPN or virtual Private Network. Not Vlan.
Best regards
Robin
Communica (http://komsys.org)
Just a heads up – there’s a minor typo – on the second line, you’re missing a space between vlan and 5
ifconfig vlan5 10.0.0.1 netmask 255.255.255.0 vlan5 vlandev em0should be
ifconfig vlan5 10.0.0.1 netmask 255.255.255.0 vlan 5 vlandev em0@Ted ,
Thanks for the heads-up.
It’s also possible to do so in rc.conf:
cloned_interfaces=” vlan666 ”
ifconfig_vlan2551=”inet 172.16.0.1/30 vlan 666 vlandev em0 name SOME-VLAN-NAME”
And it really helps to understand which vlan is connected to what.