 I wanted this video to talk about VLANs and networking in regards to XCPNG. This is our newest lab server that we're building and I have to add some more VLANs so I thought, hey, let's record a video and share with you the process for getting that set up. This server in particular was provided to us from Tech Supply Direct. They sent us this server so we could run these videos and I have an offer code that'll get you 10% off if you'd like to purchase this server or a multitude of other servers and workstations they have, just use the offer code, LT, services and get your 10% off on your entire cart when you go purchase servers from them and yes, plural, they have a lot to choose from and a lot of good workstations and it's a great way to get a discount on building your own virtual lab. Back to the video here, so this is via the iDRAC interface and I have a whole review I did just of this particular server and talks about how all this works and how I'm viewing this. I'll leave a link to that below. So this server has two 10 gig SFP plus ports powered by Intel network adapters which are quite compatible with XCPNG. So this is a perfectly fine working 10 gig setup but we want to talk about how we actually break out the VLANs and the networking inside of XCPNG. So the management interface is plugged into ETH0 and it's the only IP you have to assign to the XCPNG. This is where some people get confused. I think they need to assign the VM IP addresses inside of here and you do not at all. You let the VMs take care of their IP but we do have to segment out the VLANs in the network. This is pretty much a default config just installed. ETH0 is the 10 gig port. It's got 192.1683.27 which is the native VLAN that it's plugged into. Let's get this out of the way and look at our different VLANs we have here. So LAN is this one here 192.1683.0. This is the unified controller software. We have a couple other ones. We have a storage, an IoT, two different studio ones, VLAN tab and VLAN 69. So we're going to create one more network as we're going to be doing some pen testing coming up and we needed a separate lab to do that in so that we know all devices in that LAN are just for the purpose of pen testing and enumerating networks and some other projects we have going on. So we're going to create new network. Now there's two sides to creating VLANs. It goes a lot of scope of this but you have to create them in whatever your firewall is as well unless you're using a USG firewall then it'll be created at the same time in the head end because that's where we're doing all the routing. In our case we're using PF Sense which means we would have to create them in PF Sense if we wanted the firewall to be handling any of it. These particular VLANs we're going to have it all internal because it's going to have its own network and own separate feed to get to the internet. I'll be covering that in some later videos. But let's show how we handle the VLANs in here. So we're going to call this PWNAGE or PONGE and we'll call it 1337. We've got to give it a VLAN ID. I know VLAN ID 1337 is not in use. So there's our PONGE, there's 1337, save. Now Unify makes this easy. We have quite a few different switches and we're going to go ahead and look at them here. And they're all provisioning to have that extra VLAN that we just created within there so we can start assigning them to the different ports. Now let's look at the 10 gig switch because that's where actually all of our XDP and G servers including our new lab one is plugged into. Specifically it's plugged into port 12. Because E0 is plugged into port 12 of this Unify 10 gig switch it's the Unify switch 16XG. So this is the port 12, it's plugged in and please note the profile we have it set to. This is important that we have this set to profile all. Some of the other ports are trunked in VLAN and delegated just to equal storage so they are only attached to that. So specifically the lab one we want set to the all profile. And you can see it is connected to it at the full 10 gig. And what this means is it sends all the VLANs to that port. Because we're going to go inside of XDP and G and we're going to break up the VLANs into separate virtual interfaces. Now they have a whole guide where you can get more in depth than I will on how VLAN trunking is and you can read through all the details and it right here though it says there's two approaches. There's two approaches to VLANs and XDP and G. The first is create a virtual interface for each VLAN you want your router to route traffic to and attached at VIF to your VM. The second is to pass through the trunk port from DOM zero to your router VM. Because not everything supports the virtual interfaces and VLANs on there. We're doing it the first way. We're going to create a virtual interface for every VM that we want to attach to that particular network. So for every VLAN we create a virtual interface. Then it makes it to me the easier way to get them assigned to each VM we have spun up to the proper VLAN that we want them in. So there's a couple of different things we're going to do. And we're going to go over here. And we're going to look at how XCP and G and we close these. We'll connect the lab. And why am I doing this in the Windows XCP and G center? Well, one of the challenges and I've looked around and it's kind of a weird problem. I like to name them here. And they're harder to name in the Zen Orchestra. Let me show you. So I have Zen Orchestra and I have both versions here. So I've got the Zen Orchestra community edition loaded here. And this is the one you download, the trial edition. And both of them have the same problem when we go to networking. So we're going to go to pools and we're in the pools. And this is where you would set up the network. Now it says pool, but even though there's a single server, the single server goes into a pool with its own name. And you can rename it here. Well, in theory. So we got three. And I get this little message here. Invalid parameter. And I haven't really figured this out. So no matter what I try to name it, it just says, Invalid parameter won't we name it. But when you're inside here, if you want to name the networks, no problem. You can go into this and you can read easily just properties. And it lets you name and save. And those names carry over in there. So I just wanted to bring it up in there. Now let's talk about how do we actually create the networks. So go back over here and you can create them just fine in here. Now this is a point of confusion as well. There are two spots. We have hosts and network. And some people think this is where you would want to try to edit or create them. This actually isn't. We always want to make sure you create them in the pool. So we're going to go back over here to the pools, network, and we'll add a network to this. Select interface. Well, we know we have ETH0 plugged in and set to VLAN all, which means all VLANs will come to ETH0, 10 gate port. So we're going to call this one Pwnage, where things go to get Pwned. Now here's the VLAN, 1337. That's the same VLAN we created when we were in the Unify. So now we've attached Pwnaged this VLAN right to here. Hit Create Network. And now we have the Pwnage network attached to it right here. I already created VLAN69. So what's VLAN69? That's our 172.1669 network. And then, of course, here's Scylla.3. So what this does is each time you create another one, we can now assign each one of these networks to that. So now we have the Pwnage network. And let's go ahead and add my IoT network as well. So let's go here. And we're going to go Add Network. So let's select the same one, ETH0. And we know from the Unify over here, let's jump over real quick. We go back over to the Network Settings, Networks. We have this IoT network, VLAN only, VLAN tag 50. So go back over here. And this will just call it IoT, IoT Crap. And then we'll put the VLAN tag of 50 right here, tied to ETH0, Create Network. And I labeled the other two not in use because there's physically nothing plugged into them. So that's an easy way to do some labeling. So we got Pwnage, VLAN69, and IoT. How does that actually work in practice? Well, that's actually pretty simple. So we're going to go over here. We'll find Debian on Lab Server Network. So it's currently attached to the .3 network. Let's go ahead and test that real quick. So here's that Debian box. Go ahead and fire it up. Make this so we can watch the console a little bit faster. But it's really fast, we're doing this in real time and we'll log into it. Root, put the password in. I have config and we have got 192.1683.158. Now, that's over to our Unify. Show you the physical layer again, Devices. We're going to pop this 10 gig switch out. Now, this 10 gig switch has me, Tom's computer, the one we're sitting at and doing this recording on, plugged in right here. It's an RJ45 port. This is an SFP plus, but they're both 10 gig. The nomenclature here, 10 gig is white. Green is the 100 meg because, well, and she's got to go down to the 100 meg switch that's below it where the rest of the network joins in. So my computer's connected at 10 gig and this is connected at 10 gig. So what we're going to do is a quick 10 gig test. We're going to go back over here to this DB and lab server and we'll, Iperf-S for server. We know it's at 192.1683.158. And then my computer is at 192.1683.9. So what we're going to do is connect to this server behind here and do an Iperf test just for speed. This is a raw speed test to test the network interfaces to make sure they're working properly. Oh, 3.158. Believe that's the right IP address, double check, yep. So there's the client and away we go. 9.42, 9.35. Yeah, we're getting 10 gig connectivity out of this. So that's a pretty solid connection there. I'm happy with that. So now we're going to go ahead and just drop that out. Let's move it over to another network. So we know that's the .3 network. How do we get onto the IoT network? Let's see the VLAN69 network. So we'll do this. You can swap the network that it's plugged into because you're not actually changing out the, you're not adding another or changing the actual network interface, picture it as plugging into a different network. So the network stays attached, but it sees like a network cable unplug and replug. So we go back over here to our console and go have config and now we have a new IP address. 172.1669.51. Then we go over here and we switch it over to IoT. Go over to the console, let's up arrow again. And now we're in the 192.168.50.177. So it's the IoT network, it is a .50 network. So you can see this is an easier way, in my opinion, than when you go in depth of how you can pass the entire one through and build it out, but you can do it this way where you can pass it through because maybe you're running some type of virtual routing or your router inside of XCPNG, for example, if you want to run PF Sense inside there, but PF Sense does not have proper VLAN queue tag support in the driver's tag that they have. So when I do run PF Sense in here, I prefer to do it this way and you don't create any VLANs within the virtual PF Sense, I attach it to each VLAN inside of the network. Because that makes it, well to me, it's actually nice and clear because it has another network interface for every single one of them. It's not, you're not doing any of the double trunking problems that you may have. But this is just a quick and easy setup for the network and the other network that we added won't give this an IP address because I don't have DCP turned onto it yet because we're gonna, like I said, we're gonna have its own lab inside there and it's gonna be for some future videos. But if you switch it to the Ponage network, what's gonna happen here? It's not gonna have a network address but it's gonna show connected. It's just kind of waiting for an address to come to it that will never come. But what we are going to be doing in the future videos is we'll attach other devices such as a PF Sense in there. So you can build another PF Sense server virtually inside of here and the LAN side of it, I would attach to that same Ponage network and that would be the feed that feeds all the IP addresses and everything on that network and that will be their route in and out so we can create isolation on there. Like I said, that's gonna be for some of the virtual lab videos that I have up and coming but I wanted to cover this real quick while we're actually setting up the server so we can get you an idea of how the networking works and how you define the VLANs which defining them inside of here is my preferred method to do them but like I said, you can follow these resources here and figure out how to do it directly on there. That's it. Let's take a brief overview on there. I'll leave a link so you can do that for the reading and if you're interested in this server or getting started with XP and G I will leave the links to those as well. It's an excellent virtualization system and as long as you understand how to do networking you can get started building a really awesome 10 gig virtual lab with it. Thanks. And thank you for making it to the end of the video. If you like this video, please give it a thumbs up. If you'd like to see more content from the channel hit the subscribe button and hit the bell icon if you'd like YouTube to notify you when new videos come out. If you'd like to hire us head over to laurancesystems.com fill out our contact page and let us know what we can help you with and what projects you'd like us to work together on. If you wanna carry on the discussion head over to forums.laurancesystems.com or we can carry on the discussion about this video other videos or other tech topics in general even suggestions for new videos they're accepted right there on our forums which are free. Also, if you'd like to help the channel in other ways head over to our affiliate page we have a lot of great tech offers for you and once again thanks for watching and see you next time.