You are not logged in.
So originally the name of this post was "Recommendations for VLANs on wired and support for wireless" and I did not get any suggestions - too broad of a topic? Very little interest? Anyway this is how a newbie implemented vlans - please critique - I'm sure I missed something...
Arch Wiki - https://wiki.archlinux.org/title/VLAN gave 3 ways to setting up vlans. I tried each of those and got them to work (after a lot of work) but I wanted a GUI client of some sort
to handle the wireless. I used Network Manager for that ( NetworkManager.service). If you go this route make a backup of your system - I use
"timeshift" - in case you need to revert back if your network breaks.
I tried out all 3 (I never did understand how to make method 1 persistence across a reboot). The one I settled on was not discussed - but probably
commonly used in (most?) conventional wired / wireless environment on Arch - and that was NetworkManager. I like that method because it has a GUI app that
lets you have another way to configured the wired and wireless section pretty much out of the box - but it has no way to configure VLANs...but part of
Network Manager is a CLI utility called nmcli - and THAT can be used to create VLNs and assign IP addresses. If you install the Network Manager program
you should probably disable /remove systemd-networkd and/or netctl if those services are running because they may (or will) cause conflicts since they are performing a network function already.
When you first start NetworkManager service it should see your wired and wireless interfaces - and automatically create those connections. If you do a "sudo nmcli con show"
you probably will see the wired one with a name of "Wired connection 1" and the 2nd one with a name of your SSID (if you logged onto your AP). You can
leave that as is (the "Wired connection 1" name - but add these statements to create and assign IP addresses for VLANS:
sudo nmcli con add type vlan con-name VLAN100 dev eno1 id 100 ip4 192.168.1.148/24 gw4 192.168.1.1 ipv4.dns "192.168.1.1"
sudo nmcli con add type vlan con-name VLAN200 dev eno1 id 200 ip4 192.168.2.148/24
sudo nmcli con add type vlan con-name VLAN400 dev eno1 id 400 ip4 192.168.4.148/24
A "nmcli con show" should show something like this:
NAME UUID TYPE DEVICE
VLAN100 78af80a5-2045-40a0-8f96-be6239ffe732 vlan eno1.100
VLAN200 91d16b64-894c-4c32-9399-a52cd47ff353 vlan eno1.200
VLAN400 229090bb-0585-4cd1-b9c9-924348508aa0 vlan eno1.400
Wired connection 1 6147f912-7bb8-4874-8f1e-e276f0c3ef78 ethernet eno1
SHOP fbfebe41-ded3-4b1a-9fa4-80e5e71b675a wifi --
Note that the dev name for my wired interface is "eno1". The name of your wired interface will probably be something different - just replace "eno1" with your name.
I want the network on VLAN100 to be the one that I used as my default gateway to the internet which
is why the default GW and DNS are defined there. I could depend on DHCP (on by default) but if my DHCP server goes down my laptop will still be on the
network. The other 2 networks are less trusted - iOT devices and Chinese cameras.
After your VLNs are working the gui Network Manager app should show the VLNs (on my KDE a search shows an app called "Advanced Network Configuration" - assuming that was installed with Network Manager program. If that not correct hopefully someone with correct me...
I setup up Arch on another computer - and used these same instructions - and everything worked out of the gate.
Some useful nmcli commands.
sudo nmcli con delete "Wired connection 1" (IF YOU DON"T LIKE THE CONNECTION NAME THE SYSTEM GAVE IT)
sudo nmcli con add type ethernet con-name ethernet1 ifname eno1 (I GAVE THE CONNECTION NAME "ethernet1")
sudo nmcli con modify ethernet1 ipv4.method "disable" (need to do this or you will get nag popups complaining that it down since DHCP can't pull address.
sudo nmcli con add type vlan con-name VLAN100 dev eno1 id 100 ip4 192.168.1.148/24 gw4 192.168.1.1 ipv4.dns "192.168.1.1"
sudo nmcli con add type vlan con-name VLAN200 dev eno1 id 200 ip4 192.168.2.148/24
sudo nmcli con add type vlan con-name VLAN400 dev eno1 id 400 ip4 192.168.4.148/24
sudo nmcl con show
Hopefully this helps someone....at least provide breadcrumbs to get started. Most of the "nmcli" examples I found were found in REDHAT resources - which makes sense since
in a business environment VLNS are very common on a production server...
Last edited by 4romany (2021-12-15 01:36:47)
Offline