How do I configure VLAN under FreeBSD operating system?
A virtual LAN, commonly known as a VLAN, is a group of hosts with a common set of requirements that communicate as if they were attached to the same wire, regardless of their physical location. A VLAN has the same attributes as a physical LAN, but it allows for end stations to be grouped together even if they are not located on the same LAN segment. Network reconfiguration can be done through software instead of physically relocating devices.
FreeBSD VLANs Configuration using ifconfig Command
To create a new VLAN interface, enter:
# ifconfig {vlan-name} create
To associate the VLAN interface with a physical interface and assign a VLAN ID, IP address, and netmask:
# ifconfig {vlan-name} {ip-address} netmask {subnet-mask} vlan {vlan-id} vlandev {physical-interface}
The following examples, all packets will be marked on egress with 802.1Q VLAN tags, specifying a VLAN ID of 5:
# ifconfig vlan5 10.0.0.1 netmask 255.255.255.0 vlan 5 vlandev em0
To remove a VLAN interface, enter:
# ifconfig {vlan-name} destroy
Persistence VLAN Configuration
To make configuration persistence, open /etc/rc.conf:
# vi /etc/rc.conf
Append / modify as follows:
cloned_interfaces="vlan0" ifconfig_vlan0="inet x.x.x.x netmask y.y.y.y vlan 2 vlandev em0"
Fuhrer readings:
- FreeBSD man pages - ifconfig and rc.conf
- FreeBSD VLANs mini howto
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
Facebook it - Tweet it - Print it -
{ 5 comments… read them below or add one }
Having tried these commands, it appears that what they achieve is to configure a VLAN server connection (if that is an accurate term). I came here hoping to find a shell command set that would let me connect to an existing external VLAN a a client — in other words, the command-line equivalent of defining a “VPN (PPTP)” connection in Internet Connect and connecting to it. Background: I monitor a WISP LAN from off the physical LAN, using a VPN connection to gain access to the LAN IP addresses. I need to have the VPN automatically connected at startup, plus devise a watchdog that will re-establish it when it drops. For that, I need the shell-command equivalent of the “Connect” button in Internet Connect.
Hei Macs R we.
VPN and Vlans are different concepts. VLAN is virtual LAN, or virtual broadcast domains. If you have a switch with some ports on vlan 1 and others on vlan 2 that setup is equivalent to having two physical switches.
VPN is Virtual Private Network, and is a tunneling concept that lets you be in a network through another network. All encrypted so it wont be eavesdropped. To look for vpn configuration on free BSD, search for VPN or virtual Private Network. Not Vlan.
Best regards
Robin
Communica (http://komsys.org)
Just a heads up – there’s a minor typo – on the second line, you’re missing a space between vlan and 5
ifconfig vlan5 10.0.0.1 netmask 255.255.255.0 vlan5 vlandev em0should be
ifconfig vlan5 10.0.0.1 netmask 255.255.255.0 vlan 5 vlandev em0@Ted ,
Thanks for the heads-up.
It’s also possible to do so in rc.conf:
cloned_interfaces=” vlan666 ”
ifconfig_vlan2551=”inet 172.16.0.1/30 vlan 666 vlandev em0 name SOME-VLAN-NAME”
And it really helps to understand which vlan is connected to what.