This article shows how to create VLANS over bridge to a single physical interface. You may want to do this when building a kvm host and want your kvm clients to have interfaces connected to specific vlans on your network.

Delete the current connection setup for the interface that we are bridging.

Note that you should be connected to the server directly via console or connected via ssh through a different interface otherwise you will loose connectivity to the server
nmcli con show

Executing nmcli c s will show our current list of configurations.

In this case I shall be working on enp0s25 interface. Note that I have a "Wired Connection 1" device. This is actually an external USB Ethernet device that I temporarily plugged into my server so that if I can work on the primary interface.

delete the interface that we shall bridge

nmcli con del enp0s25

Create the Bridge

nmcli con add type bridge ifname br1922 con-name br1922 connection.autoconnect yes

In the above command we create a bridge with an interface name br1922 and same con-name br1922. Note that you can call the bridge in any way you like.

Configure IP for the bridge

Now we set the IP, gateway and DNS for the bridge we created above.

nmcli c mod br1922 ipv4.method manual ipv4.address 192.168.2.232/24 ipv4.gateway 192.168.2.254 ipv4.dns 192.168.2.249

Now attach the VLAN to the network device and the bridge

At this point you have a bridge with an IP but it is not usable yet because it is not attached to any interface or vlan. We now use nmcli to attach the bridge to vlan 1922 on enp0s25 (our physical interface)

following command attaches VLAN id 1922 to the physical device enps025 and bridge we created above br1922

nmcli conn add type vlan con-name enp0s25.1922 dev enp0s25 id 1922 master br1922 connection.autoconnect yes

Restart the bridge

nmcli c d br1922; nmcli c u br1922

How to add more bridged VLANS

We can keep on going adding more bridge for each vlan that we want as follows:

In order to bridge more vlans all we need is to repeat the steps for example we have vlan with id 100 and name VLAN100

1. Create the bridge

As explained before, you can name the bridge ifname and con-name anything you like. The names i choose below is just my own personal convention where I but br and then the vlan id

nmcli con add type bridge ifname br100 con-name br100 connection.autoconnect yes

2.Configure the bridge IP

nmcli c mod br100 ipv4.method manual ipv4.address 10.10.100.2/24 ipv4.gateway 10.10.100.254 ipv4.dns 192.168.2.249

3.Create the VLAN connection

nmcli conn add type vlan con-name enp0s25.1922 dev enp0s25 id 100 master br100 connection.autoconnect yes

4.Restart the bridge

nmcli con down br100;nmcli con up br100