> For the complete documentation index, see [llms.txt](https://book.bsdcn.org/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://book.bsdcn.org/ask/flat/chapter-24-advanced-networking/di-24.4-jie-vlan.md). # 24.4 VLAN A VLAN (Virtual Local Area Network) is a logical segment of a local area network (each segment has its own broadcast domain). A VLAN is isolated from other segments of the local area network, and computers on other segments can only access it through a connecting unit with filtering capabilities. On FreeBSD, VLAN hardware offloading requires network card driver support; if the driver does not support it, VLAN tag processing will be handled by software, which may affect performance. To see which drivers support VLAN hardware offloading, refer to the [vlan(4)](https://man.freebsd.org/cgi/man.cgi?query=vlan\&sektion=4\&format=html) manual page. When configuring a VLAN, the following information is needed: the network interface being used and the VLAN tag. ## Defining a VLAN Assuming the network card is `em0` and the VLAN tag is `5`, the command is as follows: ```sh # ifconfig em0.5 create vlan 5 vlandev em0 inet 192.168.20.20/24 ``` > **Note** > > Note that the interface name includes the network card driver name and the VLAN tag, separated by a dot. This is the best practice, especially when multiple VLANs are configured on the machine, as it facilitates VLAN configuration management. > **Note** > > When defining a VLAN, ensure that the parent network interface is also configured and enabled. In the example above, the simplest configuration is: > > ```sh > # ifconfig em0 up > ``` To configure the VLAN at boot time, **/etc/rc.conf** must be updated. To reproduce the above configuration, add the following: ```sh vlans_em0="5" ifconfig_em0_5="inet 192.168.20.20/24" ``` To add more VLANs, simply add the tag to the `vlans_em0` field and configure the network for the interface of that VLAN tag. > **Note** > > When defining a VLAN in /etc/rc.conf, ensure that the parent network interface is also configured and enabled. In the example above, the simplest configuration is: > > ```sh > ifconfig_em0="up" > ``` ## Assigning Symbolic Names to Interfaces Assigning symbolic names to interfaces has practical value: when replacing associated hardware, only a few configuration variables need to be updated. For example, if a security camera needs to run VLAN 1 on `em0`, and the `em0` network card is later replaced with one using the ixgbe(4) driver, there is no need to change all references from `em0.1` to `ixgbe0.1`. To configure VLAN `5` on network card `em0`, assign the interface name `cameras`, and allocate the IP address `192.168.20.20/24`, use the following command: ```sh # ifconfig em0.5 create vlan 5 vlandev em0 name cameras inet 192.168.20.20/24 ``` If the parent interface uses a different network card (for example, `video`, representing another physical network card in the system), use the following command: ```sh # ifconfig video.5 create vlan 5 vlandev video name cameras inet 192.168.20.20/24 ``` Add the following to **/etc/rc.conf** to apply the changes at boot time: ```sh vlans_video="cameras" create_args_cameras="vlan 5" ifconfig_cameras="inet 192.168.20.20/24" ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://book.bsdcn.org/ask/flat/chapter-24-advanced-networking/di-24.4-jie-vlan.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.