Private Network on Dedicated servers

In this article you will find all the necessary information regarding the Private Network, VLAN.

What is VLAN?

The benefits

How to set up VLAN

How to configure your server for VLAN

How to check for available hosts


What is VLAN?


A Virtual Local Area Network (VLAN) or a Private Network, is a group of servers that allows for communication between other servers within the same environment. Here, data is not sent via the public network; instead, it is transferred safely among virtual servers. The traffic among devices is split across two or more physical networks and with VLAN, that traffic is handled more efficiently.

Through virtualization, you’re able to effectively turn a single physical server into multiple virtual servers, each available for separate tasks and users.

The result? A VLAN that can be administered just like a local physical network.


The benefits


A Private Network has a wide range of benefits, such as the following:

  • Security. VLANs enhance network security. A separate system that transfers all the sensitive data within the internal network connection decreases the chances that people will gain access to information they are not authorized to see.
  • Fast data transfers. VLAN allows you to transfer data fast and securely when you use your own network. This improves performance and reduces latency.
  • Unlimited connections. You can connect as many Dedicated Servers as you’d like, without any impact on its level of speed and data traffic.
  • Bandwidth usage. VLANs free up bandwidth by limiting node-to-node and broadcast traffic throughout the network.
  • High performance. In networks where traffic consists of a high percentage of broadcasts and multicasts, VLANs can reduce the need to send this type of traffic to unnecessary destinations.
  • Virtual network. Setting up your own network allows you to place members of a workgroup together easily.
  • Easy management. Using a private network, a device can be located anywhere in the switched network and still belong to the same broadcast domain. You can move a user from one switch to another switch in the same network while keeping their original VLAN.

How to set up VLAN


Due to technical restrictions, a VLAN cannot be installed from your side.

If you would like to set up a Private Network for your Dedicated Server, please submit a ticket to Hosting – VPS and Dedicated Servers. Our Tech Support Team will gladly help you install VLAN for your servers to manage your own Private Network.

NOTE: VLAN can only be installed if you have two or more Dedicated Servers and only with the User-Responsible and Basic Server Management Types.


How to configure your server for VLAN


In order to assign a private IP address to the VLAN interface eth0 on our devices, follow these steps for the following operating systems (OS):


CentOS


In this example, we will use 2 CentOS 7 servers. Assign 192.168.1.1 to the first server and 192.168.1.2 to the second server with 255.255.255.0 mask (/24)

SERVER_IP1 - first server
SERVER_IP2 - second server



1. Access the first server (server1) via ssh (root@SERVER_IP1)

2. Check the contents of the eth- configuration file interface. It will present you with the following lines:

NAME="eth0"
HWADDR="$MAC"
ONBOOT="no"
NETBOOT=yes
UUID="$UUID"
IPV6INIT=yes
BOOTPROTO="none"
TYPE=Ethernet
DNS1="8.8.8.8"
 

NOTE: $MAC, $UUID are custom values automatically assigned to the hardware and should not be changed.

3. After that, edit the configuration file for the eth0 interface (specific to our infrastructure and NIC cards), add accordingly the IP address of the private subnet and mask. We will use 192.168.1.1/24. You can use another range of private IP addresses as well as any preferred editor. In our example, we will use nano.

nano /etc/sysconfig/network-scripts/ifcfg-eth0

4. Add the following lines so the file will look as follows:
NAME="eth0"
HWADDR="$MAC"
ONBOOT="yes"
IPADDR=192.168.1.1
NETMASK=255.255.255.0
NETBOOT=yes
UUID="$UUID"
IPV6INIT=yes
BOOTPROTO="none"
TYPE=Ethernet
DNS1="8.8.8.8"

The following parameters were added:

ONBOOT="yes"
    yes: This interface is activated at boot time.
    no: This interface is not activated at boot time.

IPADDR=192.168.1.1

Private IP address for interface

NETMASK=255.255.255.0
Netmask for the 192.168.1.1/24 subnet

5. After performing the changes and saving the file, restart the network on the server by running the following command:

 service network restart

 The result should read as follows:


You can otherwise disable and re-enable the interface by utilizing the ifdown ; ifup command

(ifdown disables the interface, ifup enables the interface.)

 Disable the eth0 first:

 ifdown eth0

 After that, enable it again with ifup:

 ifup eth0

 eth0 port should be enabled with the configured parameters:


Server1 configuration is now complete.

6. For the server2 perform the same action, only change 192.168.1.1 to 192.168.1.2 or any other IP address within 192.168.1.1/24 subnet. Assigned parameters stay the same (Mask, onboot). Only the IP address should be different.

Apply the same steps as for the Server1.

After all the settings are done, make sure that the hosts are available.


Ubuntu

1. Check the contents of the eth1 interface:

cat /etc/netplan/01-netcfg.yaml


The following content of the YAML file should be present there:
network:
  version: 2
  renderer: networkd
  ethernets:
    eth1:
      dhcp4: no
      dhcp6: no
      addresses: [209.188.21.250/26]
      gateway4: 209.188.21.193
      nameservers:
        addresses: [8.8.8.8]

2. For our private interface eth0, we will copy /etc/netplan/01-netcfg.yaml to /etc/netplan/02-netcfg.yaml file with the following command:

cp /etc/netplan/01-netcfg.yaml  /etc/netplan/02-netcfg.yaml


3. After that, open the YAML file for eth0 (/etc/netplan/02-netcfg.yaml) with the editor of your choice (make sure to follow the rules of how to edit YAML documents).

NOTE: YAML is very strict with indentation and is case-sensitive, so please be attentive to the YAML syntax.

nano /etc/netplan/02-netcfg.yaml:


Replace the following text data:

eth1 >> eth0

addresses: [209.188.21.250/26] >> addresses: [192.168.1.1/24]

4. Remove the lines:

gateway4:
nameservers block (including addresses that follows).

The configuration file should look as follows:


5. After the configuration file for eth0 has been created, disable the port eth0 with the command:

ip link set eth0 down

You can check the status of the interface with the following command:

ip link show eth0:


6. After forcing shutdown, apply the new configuration using the command:

netplan apply

7. Check if the IP address has been added to the interface:

ip a:


You will then need to check for eth0 at the output:


As long as the state is "UP" and set internal IP address is present, you are good to go.

8. On the host 2, perform the same operations, only set the internal IP address to another value, different from the existing hosts within the same subnetwork /24.

9. After the configuration has been performed on the both servers, ensure that the hosts are available for each other (link to the last section).


Debian


1. Check the contents of the interface’s configuration file:

cat /etc/network/interfaces

The initial file should contain the following information:
 


2. Open the file with your favorite text editor and amend the following lines to the end of the file:

nano /etc/network/interfaces

3. Add the necessary data and save the changes: 


#eth0
auto eth0
iface eth0 inet static
name VLAN
address 192.168.1.2
netmask 255.255.255.0
allow-hotplug

The file should look as follows:


4. After that, restart the networking with the following command:

systemctl restart networking:


5. Once restarted, check the interface parameters:

ip a:


6. You will need to check for eth0 at the output:


As long as the state is "UP" and the set internal IP address is present, you are good to go.


How to check for available hosts


After the configuration has been performed on both servers, ensure that the hosts are available to each other by utilizing ping command and tcpdump:

 Server1: ping IP address


Server2: tcpdump -i eth0 icmp

And vice versa:

 Server2: ping IP address


Server1: tcpdump -i eth0 icmp


This wraps up the VLAN interface setup for your OS, which is based on two network hosts. For more than two network hosts, we recommend using the available IP address from a private subnet that is not assigned to the existing hosts.

Well done!

Updated
4/29/2020

Viewed
1301 times

Comments

We welcome your comments, questions, corrections and additional information relating to this article. Your comments may take some time to appear. Please be aware that off-topic comments will be deleted.

If you need specific help with your account, feel free to contact our Support Team. Thank you.

Need help? We're always here for you.

× Close