On my old network, I always ran it flat including my servers. Since I have moved and brought a server into my house (in addition to my colo’d servers), I needed to have a dedicated server VLAN. I wanted to leave my Proxmox management interface on my main network.
Create your VLAN
If you have not already, create the VLAN. I use pfSense as my firewall and UniFi for my switching, so I had to create the VLAN in pfSense, modify the firewall rules, add the interface and on the UniFi side, I had to add the VLAN and then add it to my switch.
How you do this is going to greatly depend on what gear you have so I’m not going to go in depth.
The important thing is that your interface that connects your Proxmox server is a trunk and you’re allowing all the appropriate VLANs.
Modify your Proxmox bridge port
Next, you’ll need to modify your bridge port.
Click on your PVE node name under datacenter, click on network, then click on the bridge and then click on edit.
Now tick the “VLAN aware” box and hit OK. You may have to restart your interface or the whole box (if you have to restart the whole box, install ifupdown2 which will allow you to just restart the network).
Move your VMs to VLANs
Next you just have to move your VMs to the appropriate VLAN(s). Go into the hardware and find your network interface. Edit it. You should see a “VLAN Tag” field now. Just type the VLAN tag and click OK. You may need to reconfigure your VM guest OS, but it will now be on that VLAN!