Customize Q-in-Q

Last update: April 10 2024

Customize Q-in-Q

Q-in-Q is a technology that allows you to create multiple isolated network segments within a single VLAN. It is realized by adding an additional tag to the Ethernet packet header.

1. Enable Q-in-Q on the switch port. To do this, create a ticket to technical support and specify the UUIDs of the servers for which you want to enable Q-in-Q. Q-in-Q can only be enabled for the private network.
2. Select a new unoccupied private subnet, the IP addresses from which will be used to configure network connectivity.
3. Configure network interfaces-on-server: assign a Q-in-Q tag to the network interface and specify an IP address from a new private subnet.

Configure network interfaces on the server⁠

Ubuntu

1. Connect to the server via SSH or via KVM-console.

2. Open the netplan utility configuration file with the vi text editor:

   vi /etc/netplan/01-netcfg.yaml

3. Add Q-in-Q settings for the network interface of the private network:

   ...
       vlans:
         <eth_name>.<id>:
               id: <id>
               link: <eth_name>
               mtu: 1400
               addresses:
                   - <ip_address>/<mask>

   Specify:

   • <eth_name> is the name of the network interface of the private network;
   • <id> — Q-in-Q tag, a number from 2 to 4094;
   • <ip_address>/<mask> — IP address from the new private subnet (for example: 10.10.10.10.10/24).
   Example configuration file of the netplan utility

   network:
       version: 2
       renderer: networkd
       ethernets:
           eth0:
               addresses: [82.202.247.218/24]
               gateway4: 82.202.247.1
               nameservers:
                   addresses: [188.93.16.19,188.93.17.19]
           eth1:
               addresses: [192.168.0.2.2/24]
   ...
       vlans:
           eth1.40:
               id: 40
               link: eth1
               mtu: 1400
               addresses:
                   - [10.0.0.0.15/24]

4. Press the ESC key.

5. Exit the vi text editor with your changes saved:

   :wq

6. Apply the configuration:

   netplan apply

7. Optional: reboot the server.

Debian

1. Connect to the server via SSH or via KVM-console.

2. Open the network interfaces configuration file with the vi text editor:

   vi /etc/network/interfaces

3. Add Q-in-Q settings for the network interface of the private network:

   auto <eth_name>.<id>
   iface <eth_name>.<id> inet static
     address <ip_address>
     vlan-raw-device <eth_name>.<id>
     mtu 1400

   Specify:

   • <eth_name> is the name of the network interface of the private network;
   • <id> — Q-in-Q tag, a number from 2 to 4094;
   • <ip_address> — IP address from the new private subnet (for example: 10.10.10.10.10/24).
   Example configuration file for network interfaces

   source /etc/network/interfaces.d/*
   auto lo
   iface lo inet loopback
   auto eth0
   iface eth0 inet static
     address 82.202.247.218
     netmask 255.255.255.255.0
     gateway 82.202.247.1
     dns-nameserver 188.93.16.19,188.93.17.19
   
   auto eth1
   iface eth1 inet static
     address 192.168.0.2/24
   
   auto eth1.40
   iface eth1.40 inet static
     address 10.0.0.0.15/24
     vlan-raw-device eth1.40
     mtu 1400

4. Press the ESC key.

5. Exit the vi text editor with your changes saved:

   :wq

6. Restart the network:

   service networking restart

7. Optional: reboot the server.

CentOS

1. Connect to the server via SSH or via KVM-console.

2. Output information about the network interfaces:

   ip address

3. Create a new configuration file for the private network interface with Q-in-Q. The file will open with the vi text editor:

   vi /etc/sysconfig/network-scripts/ifcfg-<eth_name>

   Specify <eth_name> is the name of the network interface of the private network with Q-in-Q.

4. Add the network interface settings:

   NAME="<q_in_q_eth_name>"
   ONBOOT=yes
   TYPE=Ethernet
   VLAN=yes
   DEVICE=<basic_eth_name>.<id>
   BOOTPROTO=static
   IPADDR=<ip_address>
   NETMASK=<mask>
   NM_CONTROLLED=no

   Specify:

   • <q_in_q_eth_name> is the name of the new network interface;
   • <basic_eth_name> is the physical interface of the private network to which the VLAN is bound (for example: eth1);
   • <id> — Q-in-Q tag, a number from 2 to 4094;
   • <ip_address> — IP address from the new private subnet (for example: 10.10.10.10.10);
   • <mask> is the subnet mask.
   Example configuration file for the network interface

   NAME="vlan40"
   ONBOOT=yes
   TYPE=Ethernet
   VLAN=yes
   DEVICE=eth1.40
   BOOTPROTO=static
   IPADDR=10.10.10.10.10
   NETMASK=255.255.255.255.0
   NM_CONTROLLED=no

5. Press the ESC key.

6. Exit the vi text editor with your changes saved:

   :wq

7. Restart the network:

   systemctl restart network

8. Optional: reboot the server.

Windows

1. Connect to the server via RDP or via KVM-console.

2. Start Server Manager Local.

3. Click on the NIC Teaming link.

4. Merge the network adapters. In the Teams section, click Task → New Team.

5. Specify the name of the group.

6. Select the network adapters you want to add to it.

7. Create network interfaces. In the Adapter and Interfaces section, click Tasks → Add Interface.

8. Specify the interface parameters:

   • Interface name — the name of the new network interface;
   • Specific VLAN — Q-in-Q tag, a number from 2 to 4094.

9. Press OK.

10. Configure an IP address from the new private subnet. The IP address can be configured manually in the adapter properties.