Private VLAN Subnet

Private VLAN Subnet is a virtual local area network (VLAN) interface that groups servers within a Team to enable private interactions, as if the servers were attached to the same wire.

What is a Private VLAN Subnet?

A virtual local area network (VLAN) is a group of devices on one or more LANs that are configured to communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible: even though your servers may be spread out through multiple network devices it will appear as if they are directly connected to one another.

VLANs define broadcast domains on a data link layer (OSI layer 2). A broadcast domain is a set of devices that can exchange network packets with one another. VLAN packets at Cherry Servers are not routed through the network layer (OSI layer 3), thus packet exchange is only possible between domain members on a VLAN scope. Traffic is not filtered or limited in any way between your servers on a VLAN.

How Does a Private VLAN Subnet Work?

All servers with a pre-installed operating system are deployed with a Private VLAN Subnet interface by default with an exception of Cloud VPS Virtual Servers and ESXi hypervisor.

Private VLAN Subnet uses the main network card interface of the server, which is also available for public traffic. However, Private VLAN traffic is marked by a special VLAN ID that each user receives upon deploying a new server. This way Cherry Servers network can easily differentiate public traffic from private VLAN traffic, while both are coming to the same network interface card.

Example for VLAN with ID 2215:

Main NIC of server - eth0

Virtual VLAN NIC - eth0.2215

All servers with a pre-installed operating system come with a Private VLAN interface assigned by default. In addition to this, they are also assigned with a private IP address which can be used to interconnect your servers within the same region without a need for additional configuration. You can check your VLAN interface and private IP address by using an “ip a” command. In case you have a need to use different private IP addresses we recommend using them from the following ranges:

172.16.0.0 255.240.0.0

192.168.0.0 255.255.0.0

10.168.0.0 255.255.0.0

An example of a default Private VLAN setup is provided below:

cherry servers default vlan

What if You Need a Custom Private VLAN Subnet?

Cherry Servers is prepared to setup VLAN where VLAN and internet traffic is separated by individual physical network interface cards. This will eliminate the need for tagged virtual network interface in place of another physical network interface. Private IP addresses will need to be assigned on network interfaces used for VLAN traffic. This type of configuration includes a small set-up fee and may take up to 24 hours to be completed.

An example of a custom Private VLAN set-up is provided below:

Custom Vlan cherry servers