Easily create an efficient network - how to add VLAN under Linux

In modern networks, VLAN technology is widely used. Through VLAN technology, we can divide a physical network into multiple virtual networks to achieve better network management and control. In the Linux operating system, adding a VLAN is also very simple. This article will introduce how to add VLAN in Linux system to easily create an efficient network environment.

Suppose we have a Linux server with two Ethernet cards (ens33 and ens38), the first card (ens33) is used for data traffic and the second card (ens38) is used for control/management traffic. For data streaming, multiple vlans will be used (multiple ips from different vlans will be assigned on the data streaming network card).

Assume that the port connecting the data traffic network card from the switch to the server is configured as a Trunk, by mapping multiple vlans to it. The following is the vlan mapped to the data traffic network card:

• VLAN ID (200), 172.168.10.0/24
• VLAN ID (300), 172.168.20.0/24

To use VLAN tagged interfaces on CentOS 7 /RHEL 7 / CentOS 8 /RHEL 8 systems, kernel module 8021q must be loaded.
Use the following command to load the kernel module "8021q"

# 先列出模块，发现没有8021q模块。
[root@localhost ~]# lsmod | grep -i 8021q
# 加载模块
[root@localhost ~]# modprobe --first-time 8021q
[root@localhost ~]# lsmod | grep -i 8021q
8021q                  33080  0 
garp                   14384  1 8021q
mrp                    18542  1 8021q

Use the modinfo command to list 8021q information:

[root@localhost ~]# modinfo 8021q

Now use the ip command to create vlan 200 and vlan 300 to ens33 network card:

# 创建vlan 200和vlan 300
[root@localhost ~]# ip link add link ens33 name ens33.200 type vlan id 200
[root@localhost ~]# ip link add link ens33 name ens33.300 type vlan id 300

It is found that the link status of ens33.200 and ens33.300 is DOWN, enable them below.

# 启用vlan 200 和vlan 300
[root@localhost ~]# ip link set ens33.200 up
[root@localhost ~]# ip link set ens33.300 up

The following assigns IP addresses to the two vlans:

[root@localhost ~]# ip address add 172.168.10.51/24 dev ens33.200
[root@localhost ~]# ip address add 172.168.20.51/24 dev ens33.300

You can see that ens33.200 and ens33.300 have been configured with IP addresses.

But the VLAN and address added using ip address above will not take effect permanently. After restarting the system, it no longer exists. We need to save these configurations in the configuration file.

First modify the configuration file of ifcfg-ens33, and then create ifcfg-ens33.200 and ifcfg-ens33.300 configuration files:

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 

TYPE=Ethernet
BOOTPROTO=none
DEVICE=ens33
ONBOOT=yes

Next create a configuration file for vlan 200 and name it ifcfg-ens33.200

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33.200

DEVICE=ens33.200
BOOTPROTO=none
ONBOOT=yes
IPADDR=172.168.10.51
PREFIX=24
NETWORK=172.168.10.0
VLAN=yes

Next create a configuration file for vlan 300 and name it ifcfg-ens33.300

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33.300

DEVICE=ens33.300
BOOTPROTO=none
ONBOOT=yes
IPADDR=172.168.20.51
PREFIX=24
NETWORK=172.168.20.0
VLAN=yes

After editing the configuration file, restart the network service.

[root@localhost ~]# systemctl restart network

You can see that the information of vlan200 and 300 has not disappeared.

Through this article's introduction to the method of adding VLAN under Linux, we learned how to use the vconfig command to add and configure a VLAN, and how to modify the network configuration file to load it automatically at boot. Adding VLAN can help us easily divide and manage the network and improve the security and reliability of the network.

The above is the detailed content of Easily create an efficient network - how to add VLAN under Linux. For more information, please follow other related articles on the PHP Chinese website!