Virtual network adapters and VLANS on Ubuntu?

I am using pfSense as my firewall/router for my home network and have created several different VLANS for different purposes. I have, for example, VLAN for guests and another for IoT devices to connect to the Internet but have no access to my primary LAN. I have another for IP-based cameras that have NO access to the Internet. I’ve set up my network to allow devices from the primary LAN to initiate access to devices on the VLANs, but the device can’t initiate. I then have an Ubuntu 22.04-based machine running Zoneminder to watch and record from the cameras. At this time, I have the Zoneminder on my primary LAN and it can access the cameras via RTSP on the camera VLAN. I would like to be able to use ONVIF but it seems as if Zoneminder and the cameras need to be on the same subnet.

At this time, as I mentioned, the Zoneminder is running on the primary LAN. I was wondering if I could change the switch port from a single LAN to a trunked connection and set-up more than one virtual network adapters on Ubuntu. I’d like to keep the cameras on an isolated network with no Internet access but I’d like Zoneminder to access the cameras on one virtual network adapter and have the web-interface on another. It seems to me that this ought to be possible and their are programs/tools to do so but don’t know where to start.

Since you are running ZoneMinder, I’m assuming you probably have GNOME installed on top of Ubuntu. I don’t know how to do it there, but network configuration should still be possible via netplan. Check your /etc/netplan directory. Here is an example of how to configure VLANs with netplan.

Also I support the idea of the NVR having an interface in the same network as the cameras because then traffic can be switched instead of needing to be routed (I’m assuming you’re not using a L3 switch).

That should be possible, Proxmox basically does that if you have a single NIC.

Take a look at this guy’s site Adding VLAN Interfaces to Ubuntu · Tom Henderson that should work if you are running headless. In ubuntu mate GUI you can add a virtual NIC vlan from the Network Connections.

I’d be curious to know if you get it to work.

I’ve not done this myself but did look into this in the past, but I couldn’t get it to work, it might have been the NIC I was using.

When I build networks for ip cameras I always either use a separate dedicated switch (if there are going to be enough cameras [24+]) or a dedicated vLAN on a switch that is totally isolated (no uplink) and dual NIC the NVR. Too many cameras today phone home and doing this stops them from having that ability. I also don’t run DHCP on the camera network, everything is static.