Create VLANs on Linux

Create VLANs on Oracle Linux

VLANs or Virtual Local Area Networks allow the network to be divided into smaller logical sections, or broadcast domains, to better manage the amount of traffic being generated by the attached systems.

A VLAN separates multiple network devices into logical groups that can communicate as though they are attached to the same network, regardless of their actual physical location on the broadcast LAN.

VLAN tags are used to identify the separate VLAN networks, with network switches deciding how to route traffic within and between systems based on the VLAN tags.

Objectives

This lab demonstrates how to:

  • Create a VLAN interface using the nmcli command
  • Delete a VLAN interface using the nmcli command
  • Create a VLAN interface using the ip command
  • Delete a VLAN interface using the ip command

Prerequisites

View Available Network Interfaces

  1. Follow the instructions in Oracle Linux Lab Basics to see how to establish an SSH connection and log in to the ol-node01 instance. The two relevant sections are:
    • Copy Public IP Address
    • Connect to Oracle Linux Instance
ssh oracle@[IP_ADDRESS_OF_OL-NODE01] 
DEVICE  TYPE      STATE         CONNECTION
ens3    ethernet  connected     ens3
ens5    ethernet  disconnected  --
ens6    ethernet  disconnected  --
ens7    ethernet  disconnected  --
lo      loopback  unmanaged     --

The output shows four devices: ens3, ens5, ens6, and ens7. The ens5, ens6, and ens7 devices are currently disconnected (unused) and available. The next step is to create VLAN interfaces that use some of these devices as their parent devices.

Create VLAN Interface Using nmcli

This task uses the nmcli command to create and manage VLANs.

Note: VLAN interfaces created with the nmcli utility will still be present after a system reboot.

  1. Use the sudo nmcli connection add type vlan command to create a VLAN connection. Supply the following options:
    • con-name : vlan10-con
    • ifname : vlan10-if
    • dev : ens5
    • VLAN tag id : 10
sudo nmcli connection add type vlan con-name vlan10-con ifname vlan10-if dev ens5 id 10 
Connection 'vlan10-con' (25152b16-aee2-4d99-90ad-e44b9c02eb40) successfully added. 
DEVICE     TYPE      STATE                                  CONNECTION
ens3       ethernet  connected                              ens3
vlan10-if  vlan      connecting (getting IP configuration)  vlan10-con
ens5       ethernet  disconnected                           --
ens6       ethernet  disconnected                           --
ens7       ethernet  disconnected                           --
lo         loopback  unmanaged                              --

The output shows a new vlan10-if interface and a new vlan10-con connection using device ens5 with VLAN ID 10. The output also shows its state as 'connecting'. This is the default for the new VLAN interface because Dynamic Host Configuration Protocol, or DHCP, is used to acquire its IP settings.

NAME        UUID                                  TYPE      DEVICE
vlan10-con  25152b16-aee2-4d99-90ad-e44b9c02eb40  vlan      vlan10-if
ens3        17b6d01f-368c-4628-8ed1-134c0f0f410d  ethernet  ens3

Assign an IP Address Using nmcli

This task assigns a static IPv4 address to the vlan10-con connection. When configuring manual IPv4 or IPv6 address settings, you can set static IP addresses, network masks, default gateways, and DNS servers.

  1. Use the sudo nmcli connection modify command and supply the following values:
    • The connection to modify: vlan10-con
    • The ipv4.addresses command option
    • The IP address and netmask: '192.168.10.10/24'
sudo nmcli connection modify vlan10-con ipv4.addresses '192.168.10.10/24' 
sudo nmcli connection modify vlan10-con ipv4.method manual 
...
3: ens5: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 02:00:17:0a:15:4c brd ff:ff:ff:ff:ff:ff
4: ens6: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 02:00:17:0e:25:14 brd ff:ff:ff:ff:ff:ff
5: ens7: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 02:00:17:0a:d4:70 brd ff:ff:ff:ff:ff:ff
5048: vlan10-if@ens5: mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 02:00:17:0a:15:4c brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.10/24 brd 192.168.10.255 scope global noprefixroute vlan10-if
       valid_lft forever preferred_lft forever
    inet6 fe80::d4f3:8725:9352:d6ac/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

Change the State of VLAN Connections

Next, change the state of VLAN connections and their parent links. This task demonstrates the dependency between VLAN connections and parent links by changing the state of both.

Note: The output from the ip addr command in the previous task showed both the VLAN connection and its interface link as UP.

sudo nmcli connection down vlan10-con 
Connection 'vlan10-con' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/12236)
NAME         UUID                                  TYPE      DEVICE
System ens3  17b6d01f-368c-4628-8ed1-134c0f0f410d  ethernet  ens3
vlan10-con   25152b16-aee2-4d99-90ad-e44b9c02eb40  vlan      --
...
3: ens5: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 02:00:17:0a:15:4c brd ff:ff:ff:ff:ff:ff
4: ens6: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 02:00:17:0e:25:14 brd ff:ff:ff:ff:ff:ff
5: ens7: mtu 1500 qdisc mq state UP group default qlen 1000
sudo ip link set ens5 down 
sudo nmcli connection up vlan10-con 
Error: Connection activation failed: The device could not be readied for configuration
Hint: use 'journalctl -xe NM_CONNECTION=25152b16-aee2-4d99-90ad-e44b9c02eb40 + NM_DEVICE=vlan10-if' to get more details.

Note: When the parent device is DOWN, it prevents the VLAN device from coming up.

sudo nmcli connection up vlan10-con 
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/12249) 
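
The parent-link dependency shown in this task can be checked before a VLAN interface is created or activated. The following pre-flight check is an added example, not part of the original lab; the function names, the SYSFS_NET override and the 1-4094 VLAN ID policy are assumptions of this example, and the sample directory tree is constructed.

```shell
#!/bin/sh
# Added example: pre-flight checks before creating or activating a VLAN
# interface. SYSFS_NET can be overridden so the checks run against a
# constructed directory tree instead of the live /sys/class/net.
SYSFS_NET=${SYSFS_NET:-/sys/class/net}

# vlan_preflight PARENT VID IFNAME
#   Prints one line per problem found; returns 0 if none, 1 otherwise.
vlan_preflight() {
    pf_parent=$1 pf_vid=$2 pf_name=$3 pf_rc=0
    # 802.1Q reserves VID 0 and 4095, leaving 1-4094 for normal use.
    case $pf_vid in
        ''|*[!0-9]*) echo "vid '$pf_vid' is not a number"; pf_rc=1 ;;
        *) if [ "$pf_vid" -lt 1 ] || [ "$pf_vid" -gt 4094 ]; then
               echo "vid $pf_vid outside 1-4094"; pf_rc=1
           fi ;;
    esac
    # Linux interface names are limited to 15 characters.
    if [ "${#pf_name}" -gt 15 ]; then
        echo "ifname '$pf_name' longer than 15 characters"; pf_rc=1
    fi
    if [ -e "$SYSFS_NET/$pf_name" ]; then
        echo "ifname '$pf_name' already exists"; pf_rc=1
    fi
    if [ ! -d "$SYSFS_NET/$pf_parent" ]; then
        echo "parent '$pf_parent' not found"; pf_rc=1
    elif [ "$(cat "$SYSFS_NET/$pf_parent/operstate" 2>/dev/null)" = "down" ]; then
        # Same condition that made the activation above fail.
        echo "parent '$pf_parent' is down"; pf_rc=1
    fi
    return $pf_rc
}

# Constructed sample tree: ens5 is down, ens6 is up, vlan11-if already exists.
make_sample_sysfs() {
    ms_dir=$(mktemp -d)
    mkdir "$ms_dir/ens5" "$ms_dir/ens6" "$ms_dir/vlan11-if"
    echo down > "$ms_dir/ens5/operstate"
    echo up > "$ms_dir/ens6/operstate"
    echo "$ms_dir"
}

# Demo against the constructed tree (not the live system).
( SYSFS_NET=$(make_sample_sysfs)
  vlan_preflight ens5 10 vlan10-if || true
  rm -rf "$SYSFS_NET" )
```

Without the SYSFS_NET override, the function reads the live /sys/class/net, so `vlan_preflight ens5 10 vlan10-if` can be run before the nmcli or ip commands used in this lab.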

View VLAN Configuration Files

The /proc/net/vlan directory stores files containing configuration information about the configured VLAN interfaces.

    Run the command ls -l /proc/net/vlan to list the configuration files in the directory.

total 0
-rw------- 1 root root 0 May 10 13:33 config
-rw------- 1 root root 0 May 10 13:33 vlan10-if
sudo cat /proc/net/vlan/config
VLAN Dev name    | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
vlan10-if      | 10  | ens5
sudo cat /proc/net/vlan/vlan10-if
vlan10-if  VID: 10  REORDER_HDR: 1  dev->priv_flags: 1021
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0
      total frames transmitted           18
       total bytes transmitted         1248
Device: ens5
INGRESS priority mappings: 0:0 1:0 2:0 3:0 4:0 5:0 6:0 7:0
 EGRESS priority mappings:

The contents of vlan10-if show counts for transmitted and received frames and bytes, and any traffic priority settings for traffic in and out of this device.
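
Because /proc/net/vlan/config lists every VLAN interface on the host together with its parent device, it can be compared against the set of VLANs the host is expected to have. The following audit is an added example, not part of the original lab; the function names and the name:vid:parent baseline format are assumptions, and the sample input is constructed in the layout shown above.

```shell
#!/bin/sh
# Added example: compare the VLAN interfaces listed in /proc/net/vlan/config
# with an expected baseline and report any drift.

# audit_vlans FILE BASELINE
#   FILE      path in /proc/net/vlan/config layout, or "-" for stdin
#   BASELINE  space-separated name:vid:parent entries (format assumed here)
# Prints UNEXPECTED/MISSING lines; returns 0 when the host matches, else 1.
audit_vlans() {
    awk -F'|' -v baseline="$2" '
        BEGIN { n = split(baseline, b, " "); for (i = 1; i <= n; i++) want[b[i]] = 1 }
        {
            for (i = 1; i <= NF; i++) gsub(/[ \t]+/, "", $i)
            # The two header lines have no numeric VID and no parent column.
            if ($2 !~ /^[0-9]+$/ || $3 == "") next
            key = $1 ":" $2 ":" $3
            seen[key] = 1
            if (!(key in want)) { print "UNEXPECTED " key; bad = 1 }
        }
        END {
            for (i = 1; i <= n; i++)
                if (!(b[i] in seen)) { print "MISSING " b[i]; bad = 1 }
            exit bad + 0
        }' "$1"
}

# Constructed sample in the layout shown above, with a second VLAN added.
sample_config() {
    cat <<'EOF'
VLAN Dev name    | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
vlan10-if      | 10  | ens5
vlan11-if      | 11  | ens6
EOF
}

# Demo: only vlan10-if is in the baseline, so vlan11-if is reported.
sample_config | audit_vlans - "vlan10-if:10:ens5" || echo "baseline drift detected"
```

On a live system, run it as root with /proc/net/vlan/config as the first argument, since the file is readable only by root.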

Delete VLAN Interface Using nmcli

Next, deactivate the connection.

    Run the command sudo nmcli connection down vlan10-con to deactivate the connection.

sudo nmcli connection down vlan10-con 
Connection 'vlan10-con' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/12236)
sudo nmcli connection delete vlan10-con 
Connection 'vlan10-con' (25152b16-aee2-4d99-90ad-e44b9c02eb40) successfully deleted. 

Create VLAN Interface Using ip

This task uses the ip command to create and manage a VLAN.

Note: VLAN interfaces created using the ip command do not persist after a reboot of the system.

1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens3: mtu 9000 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 02:00:17:08:b9:1a brd ff:ff:ff:ff:ff:ff
3: ens5: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 02:00:17:0a:15:4c brd ff:ff:ff:ff:ff:ff
4: ens6: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 02:00:17:0e:25:14 brd ff:ff:ff:ff:ff:ff
5: ens7: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 02:00:17:0a:d4:70 brd ff:ff:ff:ff:ff:ff
sudo ip link add link ens6 name vlan11-if type vlan id 11 
1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens3: mtu 9000 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 02:00:17:08:b9:1a brd ff:ff:ff:ff:ff:ff
3: ens5: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 02:00:17:0a:15:4c brd ff:ff:ff:ff:ff:ff
4: ens6: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 02:00:17:0e:25:14 brd ff:ff:ff:ff:ff:ff
5: ens7: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 02:00:17:0a:d4:70 brd ff:ff:ff:ff:ff:ff
5114: vlan11-if@ens6: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 02:00:17:0e:25:14 brd ff:ff:ff:ff:ff:ff

Assign an IP Address Using ip

Now assign a static IP address to the VLAN.

    Run the command sudo ip addr add to assign the IP address and netmask to the interface.

sudo ip addr add 192.168.11.11/24 dev vlan11-if 
sudo ip link set vlan11-if up 
NAME         UUID                                  TYPE      DEVICE
System ens3  17b6d01f-368c-4628-8ed1-134c0f0f410d  ethernet  ens3
vlan11-if    8da0b0b8-c72b-437b-b2ec-62670187d39e  vlan      vlan11-if
...
4: ens6: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 02:00:17:0e:25:14 brd ff:ff:ff:ff:ff:ff
5: ens7: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 02:00:17:0a:d4:70 brd ff:ff:ff:ff:ff:ff
5114: vlan11-if@ens6: mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 02:00:17:0e:25:14 brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.11/24 scope global vlan11-if
       valid_lft forever preferred_lft forever
    inet6 fe80::17ff:fe0e:2514/64 scope link
       valid_lft forever preferred_lft forever

Delete a VLAN Using ip

Complete the steps to delete the VLAN device.

    Run the command sudo ip link set vlan11-if down to bring the device connection down.

sudo ip link set vlan11-if down 
DEVICE     TYPE      STATE         CONNECTION
ens3       ethernet  connected     ens3
ens5       ethernet  disconnected  --
ens6       ethernet  disconnected  --
ens7       ethernet  disconnected  --
lo         loopback  unmanaged     --
vlan11-if  vlan      unmanaged     --
sudo ip link delete vlan11-if 
DEVICE  TYPE      STATE         CONNECTION
ens3    ethernet  connected     ens3
ens5    ethernet  disconnected  --
ens6    ethernet  disconnected  --
ens7    ethernet  disconnected  --
lo      loopback  unmanaged     --
sudo cat /proc/net/vlan/config 
VLAN Dev name    | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.

Copyright © 2022, Oracle and/or its affiliates.
