VLAN can be very handy to use several subnets on a machine with only one network interface. Learn how I’m using multiple VLAN on a RaspberryPi v3.
So far I’ve been using an Alix APUC1 to run my openHAB instance and some other services. That’s been very convenient, as it’s sporting 3 network interfaces and I prefer to keep things separate. My openHAB instance is using three different subnets, one for the “normal” LAN communication in my flat, one to be accessed from the internet (the DMZ) and a third one for all the sensors and actors I don’t want to be access the internet and phone home. However the Alix is convenient only when kept in the network cabinet near the switch as it’s need three LAN cables. Using wireless switches using z-wave or enocean works not so well with the openHAB running from a steel cabinet. That’s why I decided to move openHAB to a RaspberryPi. So I need to use vlaning to run the same three subnets a before on one NIC: All the steps described here have been taken on a freshly installed raspbian “Jessie” (2016-05-10).
Install dependencies and load kernel module
sudo apt-get install vlan sudo modprobe 8021q
To load the 8012q kernel module for vlaning at boot time add it as last line of
Create the virtual device(s)
Add the virtual network devices to
# Interface for the internal (green) network auto eth0.10 iface eth0.10 inet static address 192.168.2.13 netmask 255.255.255.0 # Interface for the DMZ (orange) auto eth0.12 iface eth0.10 inet static address 192.168.3.13 netmask 255.255.255.224 # Interface for the sensor network (pink) auto eth0.13 iface eth0.13 inet static address 192.168.6.1 netmask 255.255.255.0
The numbers appended to the name of the “real” network interface are the VLAN ids. So in my setup VLAN 10 is the local (green) network, 12 the DMZ (orange) and 13 my home automation network (pink).
Add routes and rules
The networks stack by default only routes the packages from the first network. For other networks you need to configure routes manually. First add two new routing tables to
1 rt_pink 2 rt_orange
Then define the routes in
ip route add 192.168.3.0/27 dev eth0.12 src 192.168.3.13 table rt_orange ip route add default via 192.168.3.1 dev eth0.12 table rt_orange ip rule add from 192.168.3.13/27 table rt_orange ip rule add to 192.168.3.13/27 table rt_orange
Then restart the networking system:
sudo systemctl daemon-reload sudo systemctl restart networking
or restart the whole system:
Check if other hosts in the different subnets can be reached:
ping -c 3 192.168.2.105 ping -c 3 192.168.3.105
Now networking should be working for the subnet(s) on one wire.
- man interfaces
- man vlan-interfaces