What are VLan?
-
My pfSense is a CE, installed on a VPS
It has 2 "physical" interfaces, eth0, eth1, eth2.
vtnet0 is the WAN
vtnet1 is for first lan
vtnet2 is for second lan
I've zero experience with pfSense and firewalling and so on... long sad story ..
Can I kindly ask you what damn is a virtual lan and which is the use case?
-
@realtebo A VLAN allows a port to act as 2 or more ports on different networks and separate the traffic, so each VLAN does not see the traffic of the other VLANs.
These are used in businesses to separate traffic in logical ways, such as IP phones are on VLAN555 while the PCs are on VLAN386. This is done without the need to have 2 switches which saves money.
At my house I use VLANs to separate very dangerous things like Alexa from the rest of my network. I also trunk (more than 1 VLAN on the same port) VLANs on 1 port to my switch to reduce the number of ports I need to use on my switch.
There are many uses for VLANs, but I think this will get you started.
-
@AndyRH touched on it already but VLANs are particularly handy in a home network, when physical ports may be few in number yet you usually have a need to split things up so trusted traffic stays away from untrusted.
For the home user their first use of a VLAN tends to be with wifi. A simple thing like having a more-trusted 'home' wifi network and a less trusted 'guest' network is a good use of a VLAN, to provide 2 different networks from the same wifi access point, each having their own BSSID (the network name you see). Both networks share the same single physical wire to the access point but carry 2 (or more) networks.
If you are asking about VLANs then you are asking the right questions.
-
What exactly are you wanting to use a VLAN(s) for though?
In a VPS setup like that you usually wouldn't need to use VLANs because all the subnets are virtual anyway.
-
First, thanks to all for your reply.
I am just curious about what this is because I didn't know this networking "feature" at all.
I am facing a problem that is not directly solvable with this feature. I have my VPS and ALL hosts in both VLANs* to call a webservice in a private network (with totally different network id and mask !) of a customer, via ipsec; tunnel is working but NAT is not working as intended, but I already posted this problem in the appropriate section in this community forum.
*: we are on Linode and they call VLAN the virtual switch and network segmentation needed to 'group' hosts communication
-
@realtebo said in What are VLan?:
I am just curious about what this is because I didn't know this networking "feature" at all.
A VLAN is a virtual LAN, which allows a physical LAN to have multiple virtual LANs, to keep traffic isolated. I use one here, for my guest WiFi. They're common in business for VoIP phones.
-
In that situation it's likely Linode controls the actual VLAN config and the hosts within each VLAN do not see the VLAN tags etc. So I would not expect to need to use any VLAN config in pfSense directly.
However I've not used Linode in that way so I'm not sure exactly what they expose to the user.
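-
Added example, not part of the thread or anyone's post: how a trunk port keeps the VLANs mentioned above (555 and 386) apart, by reading the 802.1Q tag that sits between the source MAC and the EtherType of each frame. The function names, MAC addresses and sample frames are constructed for illustration; the allowed-VLAN list and native VLAN are assumptions about how the trunk is configured.

```python
import struct
from collections import defaultdict

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def build_frame(dst, src, ethertype, payload, vlan=None, pcp=0):
    """Build a constructed Ethernet frame; add an 802.1Q tag when vlan is set."""
    header = dst + src
    if vlan is not None:
        tci = (pcp << 13) | (vlan & 0x0FFF)  # PCP(3 bits) | DEI(1)=0 | VID(12)
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload

def parse_frame(frame):
    """Return (vlan_id or None, pcp, ethertype, payload)."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (etype,) = struct.unpack_from("!H", frame, 12)
    if etype != TPID_8021Q:
        return None, 0, etype, frame[14:]  # untagged frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack_from("!HH", frame, 14)
    return tci & 0x0FFF, tci >> 13, inner, frame[18:]

def demux_trunk(frames, allowed, native_vlan=None):
    """Sort frames from one trunk port into per-VLAN queues.
    Untagged frames go to native_vlan; anything not in `allowed` is dropped."""
    queues, dropped = defaultdict(list), 0
    for frame in frames:
        vid, _pcp, _etype, payload = parse_frame(frame)
        if vid is None:
            vid = native_vlan
        if vid is None or vid not in allowed:
            dropped += 1
            continue
        queues[vid].append(payload)
    return dict(queues), dropped

# Constructed sample traffic: VLAN 555 (phones) and VLAN 386 (PCs).
A, B = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SAMPLE = [
    build_frame(A, B, 0x0800, b"voip", vlan=555, pcp=5),
    build_frame(A, B, 0x0800, b"pc", vlan=386),
    build_frame(A, B, 0x0800, b"stray", vlan=999),  # not allowed on this trunk
    build_frame(A, B, 0x0800, b"untagged"),
]
```

With no native VLAN configured, both the untagged frame and the frame tagged for a VLAN that is not on the allowed list are dropped rather than delivered to either network.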