Configure a VirtualBox VM for a different VLAN than its Host

Scenario: You need a new staging VM to test out some Group Policy settings for a domain that resides on a different VLAN than the host that will store your staging VM. For example, let’s say that you wanted to run this VM using VirtualBox on your local machine. Your machine is on the I.T. Department VLAN (5), but the target domain resides on VLAN 3.

Example network diagram

Your machine is running Ubuntu — any recent version (I used 15.10 for this post) will work for this example. The 10,000ft view of what needs to be done is as follows:

  1. Ensure that the switchport that your workstation is connected to is a member of both VLANs. In my scenario, I have the following settings:
    switchport trunk native vlan 5
    switchport trunk allowed vlan 3
  2. Install the vlan package on your machine
  3. Configure a virtual interface with the appropriate VLAN info
  4. Configure your VM to use that interface exclusively

This post assumes you already have the VM up and running — in this example we’re using VirtualBox but pretty much any virtualization software should work. Go ahead and install the vlan package:

you@localhost:~$ sudo apt-get install vlan
you@localhost:~$ sudo modprobe 8021q
you@localhost:~$ sudo echo "8021q" >> /etc/modules

Add the virtual interface(s). On my machine, I have one interface named enp9s0; yours will probably be different. Adjust as necessary.

you@localhost:~$ sudo vi /etc/network/interfaces

Add your configuration. Mine is as follows:

auto lo
iface lo inet loopback

auto enp9s0
iface enp9s0 inet dhcp

## Target hosts/domain VLAN
## FYI: IPv4 addressing scheme is
auto vlan3
iface vlan3 inet dhcp
vlan-raw-device enp9s0

## Example VLAN w/ static IP assignment
auto vlan99
iface vlan99 static

See The basic syntax of “/etc/network/interfaces” for more information on the available configuration options for /etc/network/interfaces

Once you’ve added your configuration, either reboot your computer or restart the networking service:

you@localhost:~$ sudo /etc/init.d/networking restart

I did run into some trouble during this configuration, mainly because there are some conflicting instructions on the net. You do not have to use vconfig to create the interface before adding it to /etc/network/interfaces … you can if you like, but it isn’t necessary. During this process, if you run into issues with interfaces not being brought up, you should take a look in /sys/class/net to see which interfaces have actually been created:

you@localhost:~$ ls /sys/class/net
enp9s0  lo  vlan3  vlan99

To remove any of your virtual interfaces, simply run the following command (where ‘vlan99’ is the interface you wish to remove):

you@localhost:~$ sudo vconfig rem vlan99
Removed VLAN -:vlan99:-

Now that you have your VLAN interface configured on your local host, we need to tell your VM to use it. This is trivial — in VirtualBox, navigate to the network settings of the VM and make sure that:

  • “Bridged Adapter” is selected in the “Attached to:” dropdown box
  • Select the appropriate adapter in the “Name:” dropdown box

Note: the VM can either be running or not … it makes no difference):

Staging Workstation - Settings

Then check your network settings in the VM (assuming DHCP — if not you’ll have to reconfigure them manually):

Staging Workstation [Running] - Oracle VM VirtualBox

If all goes well, you should now have a VM that will act behave like any of the workstations on the other VLAN with regards to networking.