Working with VLANs
This page provides detailed instructions on performing specific tasks in the VLAN Manager. Before reading this section, please ensure that you are familiar with navigating to the VLAN areas, including the VLAN Sidebar, VLAN Utilization area, VLAN Manage, and VLAN Advanced. For a broader overview of the VLAN system, its workflow, and basic navigation through the available VLAN pages, please refer to the VLAN page. For domain level tasks, see Working with Domains.
| Table of Contents |
|---|
Working with VLANs
Add VLANs to a Domain
| HTML |
|---|
<div id="google_translate_element"></div>
<script type="text/javascript">
function googleTranslateElementInit() {
new google.translate.TranslateElement({pageLanguage: 'en'}, 'google_translate_element');
}
</script>
<script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
Working with the VLAN Manager (Standard Flow)
| Table of Contents |
|---|
Step 1) Add Domain
Users will already have a non-editable Default Domain created, which may house VLANs entered under the previous VLAN text field, however, you may choose to create new domains.
To create a new VLAN domain, navigate to the VLAN Admin Tab, in the Admin area of ProVision, and click on "Add Domain".
Enter the domain name, and select whether it is standard or extended - Standard has a range of VLAN IDs from 1-1005; Extended includes up to 4094.
| Info |
|---|
| NOTE: The ProVision UI and API has restricted usage of VLANs 1 and 1002-1005 in tagging and selecting or searching VLANs. |
...
Viewing the Domain List
If a domain already has VLANs enabled for it, clicking on the "+" sign in front of the domain name will expand the domain list to show enabled VLANs.
The numbers in parentheses under the domain name (shown as 21/1000 in the above image for a standard domain; an extended domain would show as 21/4089) indicate the quantity of enabled VLANs over the available pool of VLANs to select from. There are 5 VLANs (1, 1002-1005) which are reserved, and not included in the count.
Edit a Domain
The Default Domain is not editable, however users may edit the name of user-created domains.
Once a domain has been created, users may not edit the range (standard / extended) of a domain - if a domain is created with a mistaken range, it must be deleted and re-created.
To edit a domain name, click on the "Manage" button next to the domain name.
Under the "Edit Domain Name" section of the page, edit the name as desired, then hit "Save".
Remove a Domain
To edit a domain, click on the "Manage" button next to the domain name.
Then, edit the name as desired and hit "Save".
...
After creating domains, VLANs need to be added (enabled) for that domain out of the pool of available VLANs.
The IPAM VLAN Page
Go to the IPAM Tab, and then either select VLAN from the IPAM dropdown menu, or click "VLAN" from the subtab buttons that appear on the IPAM page.
This takes you to the IPAM - VLAN page, which shows an overview of Domains and VLANs on the left sidebar (click the + next to the domain names to see the enabled VLANs under each domain), and similar to the IPAM page, shows IPAM Utilization data for each Domain / VLAN pair. Clicking on the wrench will open "VLAN Manage", which has the same type of functionality for IP blocks as IPAM Manage, but organized under the scope of that VLAN.
Add VLANs to a Domain (Enable)
In the IPAM - VLAN page VLAN sidebar, click "Enable".
This changes the sidebar into a VLAN search module. Select the desired domain, range of VLANs to view, and click "Search".
| Info |
|---|
| Note: If VLAN Tags have already been applied to a range of VLANs, you may also include VLAN tag criteria in your search. If tags have not been created or applied to a range of VLANs, searching by tags will not return results. |
Below the search criteria, the results list will show VLANs meeting your criteria.
Select the desired VLANs to enable for the domain - you may either select all VLANs in your results list, or check VLANs individually.
When done selecting the VLANs, click "Enable Selected". The selected VLANs will now be enabled for the domain, show in Domain / VLAN lists, and be available to edit or add blocks to. To add more VLANs to another domain, click "Reset" and repeat the process. If done, hit the "Cancel" button at the top of the Add VLAN module, and you will return to the main IPAM - VLAN page view.
Remove VLANs from a Domain (Disable) - API
Disabling a VLAN (removing the VLAN from a domain) may be done through the VLAN API "update" endpoint.
A VLAN may be enabled or disabled by setting its "enabled" parameter to true (enable) or false (disable), after providing the required id.
An example API call to disable a VLAN with id=41438 would look like:
| Code Block |
|---|
(instance url)/api/v1/api.php?target=vlan&action=update&id=41438&enabled=false |
For details on the VLAN update endpoint, see API Module - VLAN - (update).
Edit a VLAN
You can edit a VLAN by clicking on the VLAN in the VLAN List sidebar, then selecting "Edit".
From the VLAN Home page, click Add VLAN.
Select the domain, and then enter the individual or range of VLANs to add. Optionally, you may enter VLAN metadata field values, if metadata fields are enabled.
When done, click Add VLAN.
Remove VLANs
Removing VLANs may be performed from multiple areas:
- On the VLAN Home page sidebar, by right clicking on the VLAN and selecting Remove VLAN from the menu
- From the VLAN Utilization Box for the VLAN, by clicking the gear icon and selecting Remove VLAN
- From VLAN Advanced, by right clicking on the desired VLAN in the list, and selecting Remove VLAN
Deleting a VLAN permanently removes the VLAN from the domain, and removes the VLAN association from any blocks assigned to that VLAN, and permanently deletes the VLAN's metadata.
Edit VLAN (Edit VLAN Panel)
You can edit a VLAN by clicking on the VLAN in the VLAN List sidebar, then selecting Edit VLAN.
This opens the Edit VLAN panel for the selected VLAN. You may also click on the "List" icon in the VLAN Utilization box or in VLAN Manage to open the Edit VLAN panel.
The Edit VLAN panel allows you to view and edit the data associated with the VLAN (Note: not all VLAN fields may be editable).
Typically, editable VLAN fields include the VLAN Name and any enabled VLAN metadata fields enabled in VLAN Columns. To change the information in these fields, click inside the relevant box, type your change, and then click Save Changes. The information provided in these fields will also display in the VLAN Advanced Global View.
You cannot change the domain of the VLAN, but you may add a descriptive name You cannot change the Domain of the VLAN, but you can add a descriptive text name, apply a VLAN tag (if using the tag system), or edit VLAN Metadata (if enabled).
After making your changes, click the " Save " buttonChanges. The named VLAN will now show both VLAN number and name when viewing Domain domain / VLAN lists or when working with blocks.
...
Add Blocks to VLANs
After VLANs have been enabled for domains, you can associate those VLANs with IP blocks.
Add / Update Blocks to VLAN from VLAN - Manage IPs:
Using the "Assign Blocks" Panel
While on the VLAN Home While in the IPAM Tab -> VLAN Page, expand the desired domain in the sidebar and right click on a VLAN. Then select "Manage IPs".
Assign Blocks to VLAN.
This navigates to the VLAN's Utilization Box, and opens the Assign Blocks panel. You may also access the panel directly from the Utilization Box or VLAN Manage by clicking on the plus-sign icon.
From the Assign Blocks panel, you can choose to Direct Assign This opens up a window where IP Blocks may be associated to the VLAN. From here, you can "Direct Assign" a block to the VLAN, "Browse Assign" blocks, or Search for a block to add to the VLAN.
Direct Add Block to VLAN:
Directly add a known, available IP Block by typing in the CIDR, then hitting "Add IP Block".
When complete, the block will be added to the "Assigned IP Blocks" list on the right of the window, with the option to remove if desired.
Browse IP Blocks to add to VLAN:
Browse blocks available to add to the VLAN by clicking on the "List available blocks" link above the IP block input box.
This opens a window similar to the "Smart Browse" used in assigning IPs to a resource - just select IPv4, IPv6 blocks, or Resources to browse from the radio buttons at the top of the list.
When you have selected the block to add, click "add to VLAN".
The selected block will automatically fill in the block input box - just hit "Add to IP Block" below the input to finalize the addition.
When complete, the block will be added to the "Assigned IP Blocks" list on the right of the window, with the option to remove if desired.
Search IP Blocks to add to VLAN:
Select search criteria of IPv4 / IPv6, size, RIR, Region, or Associated Tags / Tag selection mode to create a filtered list of IP blocks meeting that criteria. Then, click "Search".
This opens a window with filtered results matching your criteria.
When you have selected the block to add, click "add to VLAN".
The selected block will automatically fill in the block input box - just hit "Add to IP Block" below the input to finalize the addition.
...
or use filter criteria to user Smart Browse to assign blocks.
Assign Blocks to VLAN
Blocks may be assigned to the VLAN from the Assign Blocks panel, opened or closed by clicking on the plus-sign icon. Two assignment options are available: Direct Assign to VLAN, if you know the specific block to assign, and Smart Browse to VLAN, where you can specify filter conditions and select one of more blocks meeting those conditions.
To open either option, click on the appropriate header bar to expand the module.
Expand the area below for more details on Direct Assign to VLAN and Smart Browse to VLAN:
| Expand | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
Direct Assign to VLAN
Smart Browse to VLANSmart Browse to VLAN is used to search for a general list of blocks available to assign to the VLAN that meets certain criteria.
Assigning from Smart BrowseThe Smart Browse results list will display a list of blocks that a) meet your filter criteria, and b) do not already have a VLAN assigned. You may assign individual blocks immediately (Add IP Block), or select multiple blocks and delay assignment until after your final selections are complete (Assign Selected). Immediate Assignment:
Delayed Assignment / Selecting Multiple Blocks:
|
Add / Update VLAN to Blocks from IPAM Manage or VLAN Manage:
When editing a block in either IP Manage (IPAM Tab -> Action Menu (wrench) -> Manage), or VLAN Manage (IPAM Tab - VLAN -> Action Menu (wrench)) , you can select an existing domain and VLAN to associate to the block.
VLAN Manage:
From the VLAN Manage screenpage, click on the Action Menu (wrench gear icon) for the desired block, the select "Edit".
Edit. You may also double-click on the block to open the same screen.
In the Edit Attributes page dialog for the block, change the Domain domain to the desired item, then select the VLAN. Hit save Click Save when done. 
IPAM Manage:
From the IPAM Manage screenpage, right click on the Action Menu (gear icon) for the desired block, the then select " Edit".
To select multple multiple blocks to edit, hold down the shift key and click on the blocks you wish to edit - the selected blocks will be highlighted. Right-click anywhere in the blue highlighted area, and select " Edit selected blocks"Selected Blocks.
The " Edit Block " modal window dialog will pop up for the selected block(s). Edit the domain by clicking in or typing in the domain search box, and select the desired Domaindomain.
Then, select the VLAN for the blocks from the enabled VLAN list. When done, click " Save".
| Info | ||
|---|---|---|
| ||
NOTE: Child blocks whose Parent blocks already have an assigned Domain domain / VLAN, may not have domains and VLANs changed to be different than the Parent Block's values. If you attempt to save domain / VLAN changes to a child block under this situation, an error will occur. i.e., Parent and Child IP Blocks must have matching Domain domain / VLAN values. |
Add / Update VLAN to Blocks from IPAM Gadget:
You may also add / edit Domain domain /VLAN information when editing a block in the IPAM Gadget. From the IP block's Action Menu (gear icon), select " Edit".
Then, in the Edit Attributes box that pops updialog, search for or type the desired Domaindomain, select VLAN information, and click "save"Save.
Working with VLAN Tags - (Optional)
VLAN tags provide further organizational / search criteria when searching for VLANs to enable.
Creating VLAN Tags
Create VLAN Tags from the VLAN Admin Tab, in the Admin area of ProVision, and select "Edit Tags" from the dropdown.
To add a new VLAN tag, click on "Add Item" at the top of the Edit List: VLAN Tags page.
Then, type in the desired name value for the new tag, and hit "Add Item". The new tag will be added to the list below.
To edit a tag, simply type your changes in to the text box with the tag name. Tags with unsaved changes will be highlighted until saved.
To delete a tag, click on the red "delete" symbol to the right of the tag name.
When complete, be sure to click on the "Save" button to save your changes.
Once VLAN tags have been created, they will be available to add to VLAN ranges and use in the "Add VLAN" search function.
Add VLAN Tags to VLANs
VLAN tags may be added to VLANs in two ways: Editing an already-enabled VLAN (VLAN Edit), or by assigning the tag to a range of VLANs from the Domain VLAN pool (un-enabled VLANs, which are then available to search by VLAN tag to enable).
Add Tag to an Enabled VLAN
Edit an existing, already enabled VLAN by clicking on the VLAN in the VLAN List sidebar, then selecting "Edit".
Apply a VLAN tag from clicking in the "VLAN Tags" box, and selecting one or more VLAN Tags.
After making your changes, click the "Save" button. Tagged VLANs will be viewable in the VLAN Chart a single tag points under VLAN Admin - Domain Manage.
Add Tag to a Range of the VLAN Pool
You can also tag a range of the (un-enabled) VLANs in a domain's VLAN pool. Then, when moving on to enable a set of VLANs for a Domain, you can select those VLANs by tag.
Go to the VLAN Admin Tab in the Admin area of ProVision. Then, next to the desired domain, click "Manage".
This brings up the page to edit the domain or view a chart of VLAN tags (y axis) to VLANs in the available pool (x axis).
Hovering the mouse over a tag range will show details such as the range start, end, and count of vlans in the range.
Under the "Edit VLAN Tag Range" section, you can bulk assign tags to ranges by:
- Select the tag to edit in dropdown below chart
- Type desired VLAN start and end value for the range
- Click "Add Tag Range" to set and save.
To remove a range of tags, under "Edit VLAN Tag Range":
...
Remove Blocks from a VLAN
Quickview
The Quickview panel provides a condensed, filterable list of all blocks assigned to that VLAN, separated into three columns - IPv4 blocks, IPv6 blocks, and grouped by resource.
To open or close the Utilization panel, click on the "Eye" icon in the grey header bar.
While in the Quickview panel, you may easily search for a block by typing the all or part of the CIDR into the IPv4 or IPv6 Filter boxes - useful for verifying an assignment or quickly scanning ranges.
You may also remove a block from the VLAN with a single click of the Remove button.
Working with VLAN Metadata
Once assigned, the tags show as a property of the VLAN block in the VLAN edit menu and may be used for VLAN Searches / Assignments.
...
Customizable metadata fields are available to hold VLAN-specific information such as Location, Client, Firewall, Gateway, and more.
These fields can be enabled and disabled in the VLAN Admin section of ProVisionin IPAM Admin → Edit VLAN Columns, and viewed / edited under " Edit VLAN " in the VLAN Tab and in VLAN Manage.
Enable / Disable
...
VLAN Metadata Fields
VLAN Metadata metadata fields can be enabled and disabled under the VLAN Admin area of ProVisionthe IPAM Admin → VLAN Columns area.
To enable a new Metadata Field, navigate to the Admin section of ProVision, and select "Metadata Fields" from the dropdown.
To enable a new field, type the desired field name in an empty text input box under "Field Display Name", and select the check box next to the new name. Then, click "Save" to save your changes. Field display names may be edited at any time by simply typing the desired change into the "Field Display Name" box and saving your changes.
Once enabled, a metadata field displays for all enabled VLANs.
Here, you may edit the order of columns, rename columns, and enable/disable column visibility.
Any columns that are disabled will hide the column from VLAN Manage, as well as hide the applicable field from any VLAN filters or Edit VLAN actions.To disable a metadata field, deselect the check box next to the Field Display Name and click "Save". Any data that exists under a disabled field is retained, and will reappear once the field is re-enabled.
View / Edit Metadata Field Information
VLAN Metadata metadata may be viewed and edited in from the IPAM - VLAN Tab. from VLAN Home, VLAN Manage, and VLAN Advanced.
While in the IPAM Tab -> VLAN PageHome page, expand the desired domain from the left sidebar and right click on a VLAN. Then select "Edit"open the Edit VLAN panel.
The In the Edit VLAN screen, you may view the Metadata or enter your desired changes and click "Save" when done. panel may also be opened from VLAN Manage (click on the List icon), or from VLAN Advanced (right-click on the desired VLAN and select Edit VLAN).
Additional Information
For information on working with domains, see:
For a higher level overview of the VLAN Manager, see: