Possibility of VLAN ID Synchronization with Firewall/Network controller?

[wieserfalke]

Hi,
while playing around with Proxmox and Unifi I was thinking why it is not possible to have VLan IDs and there given names be synced between Proxmox and the FW/Network controller. As I use Unifi my first search was for there integration(https://developer.ui.com/network/v10.3.58/getnetworksoverviewpage) which does give the possibility of getting the VLANS/Networks, but a quick google search does seam that there is something for pfSense, not sure on other though.

This would mainly allow an easier selection of the VLAN for a Network connection and depending on how much information is greped and used maybe even inter VLAN routing on the system directly.

 

[Jeffthomson890]

Interesting idea. Having VLAN names synchronized from a network controller could definitely improve usability, especially in environments with many VLANs where remembering IDs becomes difficult.

One challenge I see is that Proxmox supports a wide variety of networking setups, while controllers such as UniFi, pfSense, and others all expose configuration data differently. Maintaining integrations for multiple platforms could become complex over time.

Perhaps a more generic approach, such as importing VLAN definitions through an API or a standardized configuration format, would provide flexibility without tying Proxmox to a specific vendor. At the very least, having optional VLAN labels within the Proxmox interface could make network selection easier for administrators managing larger deployments.

I'm curious how others handle VLAN documentation today—do you rely on naming conventions in Proxmox, external documentation, or automation tools?

 

[wieserfalke]

One can say that this is actually two ideas at once.

1. The Ability to give VLANs Lables
2. The Ability to change settings via a script/api.

I think the first is definitely an easy and helpful Feture.

The later is definitely a more complicated one and may require more scrutiny, since there is definitely the argument about security and such. Which could be solved by setting precisions for scripts and such and definitely the ability to disable it completely.
But one thing that I personally thing is needed if such a scripting interface is created, is that one can manage the via the web gui and set them to run on triggers, time or event.
As for language, this is also a discussion to have but an other rather big topic and there come benefits and drawbags to each.

So maybe point 1, and then at some point the later.

Lastly, the inter VLAN Routing capability would definitely also be useful but is also an other understandable big topic.

 

[cyruspy]

the VLAN SDN zone already does the clusterwide syncing heavyweight lifting. nothing stops you from creating a script that polls VLAN list from the external source and uses native CLI tooling to add VLAN entries. Then, cron is your friend