Tagging inteface traffic to VLAN in Linux based virtual router
I have alpine linux running on virutalbox which works as gateway for my other virtual instances resides on the same virtualbox. technically alpine running as virtual router with ip forwarding and masquerading with few support services like dnsmasq for DHCP and DNS. below is my interface setup on virtualbox side
NIC1 -> NAT
NIC2 -> INTERNAL(ALPNET)
* ALPNET is the name for virutalbox internal network
Inside my alpine instance I configured network as follows in /etc/network/interface
auto lo
iface lo inet loopback
#NATEd WAN IFACE FROM VBOX
auto eth0
iface eth0 inet dhcp
hostname alprouter
#ALPNET
auto eth1
iface eth1 inet static
address 192.168.10.1
netmask 255.255.255.0
#ALPNET-VLAN50
auto vlan50
iface vlan50 inet static
address 192.168.50.1
netmask 255.255.255.0
vlan-raw-device eth1
I enabled VLAN in kernel modules and other setting for IP forwarding and NAT rules for masquerading outgoing traffic on interface eth0
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0
After this I installed debian on virtualbox and configure network from virtualbox side like this
NIC1 -> INTERNAL(ALPNET)
then inside the debian virtual instance I enabled VLAN support and configure 1 physical and 1 vlan interface using NMCLI.
enp0s3 -> 192.168.10.10/24
enp0s8 -> 192.168.50.10/24
then I set All the NICs ON both instances to Promiscuous mode. when all up I can ping to 192.168.50.1 from my debian VM. But as I know it's not because of VLAN configured but the both networks are present in the same gateway and ICMP can reachable via default gateway which is 192.168.10.1
What I trying to achieve is two totally separated VLAN networks based on same virtualbox network interface (ALPNET) withing my virutalbox setup. how can I achieve this? is this possible to do without external physical VLAN tagging device ? Or I have to tag outgoing traffic to VLAN ID inside my virtual router ?
virtualbox routing alpine-linux nmcli vlan
asked 9 mins ago
gripen fightergripen fighter
192110
add a comment |
I have alpine linux running on virutalbox which works as gateway for my other virtual instances resides on the same virtualbox. technically alpine running as virtual router with ip forwarding and masquerading with few support services like dnsmasq for DHCP and DNS. below is my interface setup on virtualbox side
NIC1 -> NAT
NIC2 -> INTERNAL(ALPNET)
* ALPNET is the name for virutalbox internal network
Inside my alpine instance I configured network as follows in /etc/network/interface
auto lo
iface lo inet loopback
#NATEd WAN IFACE FROM VBOX
auto eth0
iface eth0 inet dhcp
hostname alprouter
#ALPNET
auto eth1
iface eth1 inet static
address 192.168.10.1
netmask 255.255.255.0
#ALPNET-VLAN50
auto vlan50
iface vlan50 inet static
address 192.168.50.1
netmask 255.255.255.0
vlan-raw-device eth1
I enabled VLAN in kernel modules and other setting for IP forwarding and NAT rules for masquerading outgoing traffic on interface eth0
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0
After this I installed debian on virtualbox and configure network from virtualbox side like this
NIC1 -> INTERNAL(ALPNET)
then inside the debian virtual instance I enabled VLAN support and configure 1 physical and 1 vlan interface using NMCLI.
enp0s3 -> 192.168.10.10/24
enp0s8 -> 192.168.50.10/24
then I set All the NICs ON both instances to Promiscuous mode. when all up I can ping to 192.168.50.1 from my debian VM. But as I know it's not because of VLAN configured but the both networks are present in the same gateway and ICMP can reachable via default gateway which is 192.168.10.1
What I trying to achieve is two totally separated VLAN networks based on same virtualbox network interface (ALPNET) withing my virutalbox setup. how can I achieve this? is this possible to do without external physical VLAN tagging device ? Or I have to tag outgoing traffic to VLAN ID inside my virtual router ?
virtualbox routing alpine-linux nmcli vlan
asked 9 mins ago
gripen fightergripen fighter
192110
add a comment |
I have alpine linux running on virutalbox which works as gateway for my other virtual instances resides on the same virtualbox. technically alpine running as virtual router with ip forwarding and masquerading with few support services like dnsmasq for DHCP and DNS. below is my interface setup on virtualbox side
NIC1 -> NAT
NIC2 -> INTERNAL(ALPNET)
* ALPNET is the name for virutalbox internal network
Inside my alpine instance I configured network as follows in /etc/network/interface
auto lo
iface lo inet loopback
#NATEd WAN IFACE FROM VBOX
auto eth0
iface eth0 inet dhcp
hostname alprouter
#ALPNET
auto eth1
iface eth1 inet static
address 192.168.10.1
netmask 255.255.255.0
#ALPNET-VLAN50
auto vlan50
iface vlan50 inet static
address 192.168.50.1
netmask 255.255.255.0
vlan-raw-device eth1
I enabled VLAN in kernel modules and other setting for IP forwarding and NAT rules for masquerading outgoing traffic on interface eth0
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0
After this I installed debian on virtualbox and configure network from virtualbox side like this
NIC1 -> INTERNAL(ALPNET)
then inside the debian virtual instance I enabled VLAN support and configure 1 physical and 1 vlan interface using NMCLI.
enp0s3 -> 192.168.10.10/24
enp0s8 -> 192.168.50.10/24
then I set All the NICs ON both instances to Promiscuous mode. when all up I can ping to 192.168.50.1 from my debian VM. But as I know it's not because of VLAN configured but the both networks are present in the same gateway and ICMP can reachable via default gateway which is 192.168.10.1
What I trying to achieve is two totally separated VLAN networks based on same virtualbox network interface (ALPNET) withing my virutalbox setup. how can I achieve this? is this possible to do without external physical VLAN tagging device ? Or I have to tag outgoing traffic to VLAN ID inside my virtual router ?
virtualbox routing alpine-linux nmcli vlan
asked 9 mins ago
gripen fightergripen fighter
192110
I have alpine linux running on virutalbox which works as gateway for my other virtual instances resides on the same virtualbox. technically alpine running as virtual router with ip forwarding and masquerading with few support services like dnsmasq for DHCP and DNS. below is my interface setup on virtualbox side
NIC1 -> NAT
NIC2 -> INTERNAL(ALPNET)
* ALPNET is the name for virutalbox internal network
Inside my alpine instance I configured network as follows in /etc/network/interface
auto lo
iface lo inet loopback
#NATEd WAN IFACE FROM VBOX
auto eth0
iface eth0 inet dhcp
hostname alprouter
#ALPNET
auto eth1
iface eth1 inet static
address 192.168.10.1
netmask 255.255.255.0
#ALPNET-VLAN50
auto vlan50
iface vlan50 inet static
address 192.168.50.1
netmask 255.255.255.0
vlan-raw-device eth1
I enabled VLAN in kernel modules and other setting for IP forwarding and NAT rules for masquerading outgoing traffic on interface eth0
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0
After this I installed debian on virtualbox and configure network from virtualbox side like this
NIC1 -> INTERNAL(ALPNET)
then inside the debian virtual instance I enabled VLAN support and configure 1 physical and 1 vlan interface using NMCLI.
enp0s3 -> 192.168.10.10/24
enp0s8 -> 192.168.50.10/24
then I set All the NICs ON both instances to Promiscuous mode. when all up I can ping to 192.168.50.1 from my debian VM. But as I know it's not because of VLAN configured but the both networks are present in the same gateway and ICMP can reachable via default gateway which is 192.168.10.1
What I trying to achieve is two totally separated VLAN networks based on same virtualbox network interface (ALPNET) withing my virutalbox setup. how can I achieve this? is this possible to do without external physical VLAN tagging device ? Or I have to tag outgoing traffic to VLAN ID inside my virtual router ?
virtualbox routing alpine-linux nmcli vlan
virtualbox routing alpine-linux nmcli vlan
asked 9 mins ago
gripen fightergripen fighter
192110
asked 9 mins ago
gripen fightergripen fighter
192110
asked 9 mins ago
gripen fightergripen fighter
192110
asked 9 mins ago
gripen fightergripen fighter
192110
asked 9 mins ago
gripen fightergripen fighter
192110
192110
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f502214%2ftagging-inteface-traffic-to-vlan-in-linux-based-virtual-router%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f502214%2ftagging-inteface-traffic-to-vlan-in-linux-based-virtual-router%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
