Set Up a VLAN for Internal Networking

If you have multiple root servers in the same room and want to exchange private/sensitive traffic between them, VLAN is your option and a good alternative to a VPN.

Prerequisites

• Two or more Root Dedicated Servers
• Subscription: Port for internal networking
• bond0 network interface

Check if the bond0 network interface exists:

ip addr show bond0

Attention: Not all systems have bonding enabled!
In case you're missing a bond0 interface, please contact our support!

Netplan

Open /etc/netplan/55-interfaces.yaml in your preferred editor:

vi /etc/netplan/55-interfaces.yaml

Add a VLAN definition like this:

vlans:
  vlan<VLAN-ID>:
    id: <VLAN-ID>
    link: bond0
    addresses:
      - 192.0.2.10/24

A complete Netplan configuration could look like this:

network:
  version: 2
  ethernets:
    eno1:
      dhcp4: false
      dhcp6: false
      accept-ra: false
    eno2:
      dhcp4: false
      dhcp6: false
      accept-ra: false
  bonds:
    bond0:
      addresses:
        - 198.51.100.10/24
      nameservers:
        addresses:
          - 217.150.241.5
          - 217.150.242.21
          - 178.209.45.7
        search:
          - nine.ch
      macaddress: 1f:2f:3f:4f:5f:6f # MAC address of the first interface (eno1)
      interfaces:
        - eno1
        - eno2
      parameters:
        mode: "802.3ad"
        mii-monitor-interval: "100"
        lacp-rate: "fast"
        transmit-hash-policy: "layer3+4"
      routes:
        - to: 0.0.0.0/0
          via: 198.51.100.1
  vlans:
    vlan<VLAN-ID>:
      id: <VLAN-ID>
      link: bond0
      addresses:
        - 192.0.2.10/24

Before applying the Netplan configuration, test it to ensure there are no syntax errors or network issues:

netplan try

If the test was successful and the configuration hasn't been applied yet using netplan try, apply it now:

netplan apply

And verify with:

ip addr show vlan<VLAN-ID>

For more information, see: man netplan

ifupdown (legacy)

tip

Please use Netplan if possible. This is provided for completeness only.

Ensure the vlan package is installed:

apt install vlan

Open /etc/network/interfaces in your preferred editor:

vi /etc/network/interfaces

Add a VLAN configuration like this:

# interface vlan<VLAN-ID>
auto vlan<VLAN-ID>
iface vlan<VLAN-ID> inet static
    vlan-raw-device bond0
    address <IP-Address>
    netmask <NETMASK>

And restart the network:

systemctl restart networking

For more information, see: man vlan-interfaces