Skip to content

Phils Blog and Stuff

TELECOMS. VIRTUALIZATION. IT. CODING. and more…

Menu
  • Home
  • Resources
    • Subnet Mask Cheat Sheet
    • Easy Dmarc+Email
    • MX Tool Box
    • LOAD BALANCING & SRE
  • SHOP
  • SOLUTIONS
  • SERVICES
  • Contact Me
Menu

Ubuntu 12.04 Server: Adding Vlan Tagging

Posted on 06/08/201308/03/2023 by Phil

Scenario

We have a router/firewall with two NICs one used to connect to the Internet (WAN) and the other to connect to the local network (LAN). We would like to beef up the security aspect of our site and introduce a Demilitarized Zone (DMZ). If this should be implemented without the use of vlans we would have to buy a new switch and a third NIC for our router/firewall.

Luckily the switch used supports 802.1q. The switch configuration is done by adding a new vlan. How this is done should be documented in the switch documentation.

Networks

  • WAN 172.16.0.0/24
  • LAN 192.168.0.0/24
  • DMZ 10.0.0.0/24

Installation

sudo apt-get install vlan

 

Configuration

Load the 8021q module into the kernel.

sudo modprobe 8021q

Create a new interface that is a member of a specific vlan, vlan id 10 is used.

sudo vconfig add eth1 10

Assigning an address to the new interface.

sudo ip addr add 10.0.0.1/24 dev eth1.10

 

To make this setup permanent, some lines has to be added to some configuration files.

Add the module to the kernel on boot.

sudo su -c 'echo "8021q" >> /etc/modules'

Create the interface and make it available during the boot. Add the following lines to /etc/network/interfaces

auto eth1.10
iface eth1.10 inet static
    address 10.0.0.1
    netmask 255.255.255.0
    vlan-raw-device eth1

POSTS

  • Home Assistant. Add water meter with PHP+MQTT+YML.
  • Automating your home with Home Assistant. Initial install and config (Hyper-V).
  • The importance of setting up email security correctly.
  • Automate Debian installations with Seed, DHCP and Nginx.
  • A simple link shortener.. Fun little project…

WORD CLOUD

3CX 3CX Phone System Apache Asterisk Cacti CentOS CRM DHCP DNS Email Fail over Failover File System Firewall FreeBSD FreeNAS FXO IAX install IP IP PBX Linux M0n0wall Nottingham Open Source PBX PFSense PHP Router Server SIP snom SSH TrixBox ubuntu VLAN Voice VoIP VPN vyatta WAN Website WiFi yealink ZFS

© 2025 Phils Blog and Stuff | Powered by Superbs Personal Blog theme