Setting Up a Private Network for Dedicated Servers (Ubuntu/Debian)
With a private network, you can divide your existing network into several logical networks. The servers communicate using local IPs that are not routed on the Internet.
The use of private networks offers you the following advantages:
You can organize your networks according to organizational aspects.
You can easily add or remove your servers.
You can reduce latency and network load.
You can optimize traffic by prioritizing data packets.
Each server can only communicate with servers on the same private network.
You can seal off servers with confidential data.
The use of a private network can be useful in the following example cases:
Setting up a private network for departments or project teams
Setting up a private network connected to a load balancer
Setting up a private network for a web server and a database server
You can create a private network consisting of dedicated servers by configuring tagged VLANs. VLANs are virtual local networks. These are combined into one standard in IEEE 802.1Q. With VLANs, you can divide an existing physical network into multiple logical networks with different subnets. The data traffic is encapsulated so that data from one or more VLANs can be transmitted independently of each other.
Tagged VLANs do not have a fixed assignment between the virtual network and a port. The assignment is made by marking the data packets. The data packets are provided with tags in which the VLAN ID is stored. This is done according to IEEE 802.1Q by the respective terminal device. In this case, these are the servers assigned to the private network.
Using the VLAN ID, a switch can recognize to which VLAN the data packet belongs. This allows multiple VLANs to be used via a single switch port.
To configure an Ethernet interface of a server with Ubuntu as an IEEE 802.1Q VLAN trunk:
Configuring the Network Interface
In this step, you must configure the network interface for the VLAN or the private network. The example below assumes that a host needs access to a VLAN connected to the eth0 network interface. The assigned IP address for the host is 192.168.2.1/24 for VLAN 3509. For other VLANs, the setup is the same.
Open the file /etc/network/interfaces with vi.
Define the network interface. Enter the required information in the following form:
To exit vi and save the file, type the command below and then press:
To restart the network interface for the private network, type the following command:
The physical network interface was not found:
For example, if the physical network interface is not found, the following error message is displayed:
Enter the command /etc/network/interfaces file and check whether the name of the interface was specified correctly.and check if the physical network interface exists. Then open the
/proc/net/vlan config could not be opened
When you test the network configuration, you receive an error message that is identical or similar to the following error message.
If you receive such an error message when testing the network configuration, this may be due to the following reasons:
The kernel module 802.1Q was not found.
The /proc directory was not mounted.
To reload the kernel module, enter the command ifup.
To check whether the 802.1Q kernel module is currently loaded, type the following command:
If the kernel module 802.1Q is not listed, it was not found. To confirm this, enter the following command:
If you are using a normal kernel, you can use the following command to load the required module package: