(A more up-to-date version of this tutorial and working with more recent versions of Home Assistant is here.) Bellow is left for those working with olders versions of Home Assistant.
Hi everyone,
this is my first post and attempt to contribute to HA amazing community.
I have been reading a lot lately about this problem because I too have a “VLANned” setup at home, effectively separating sensors and so what from my LAN. Case is that when I tried to discover my Xiaomi Air Purifiers with HA it failed miserably because of routing (even with firewall completely down between LAN and sensors VLAN). I double checked by testing the mirobo tool from a linux system on different network segments, so I knew from then that it was a networking problem.
After many hours of reading different threads and pages on this subject, I manage to achieve a working VLAN setup in HA (L3) where the HA eth0 interface (cabled one, as my wifi is off) is subdivided into 2 interfaces: eth0 and eth0.10. The eth0 is on the LAN side and eth0.10 is on the VLAN sensors side. This serves my purpose and it works (so far). My Xiaomi Air Purifiers are now discoverable and reporting to HA, although belonging to a different network than the rest of my LAN. You can adjust it to your needs, I guess, by adding more VLANS or even making it an L2 with complete separation (no routing whatsoever).
Some would argue it would just be better to put HA on the sensors side of the network and leave it there, but I wanted to be able to discover other devices on my LAN side too (media players, etc), so that would force me to punch a hole in my firewall to let HA in and in addition I would get the same old routing problems.
So to help others, here goes my description of what I did to achieve VLAN integration. Please comment and correct whatever you see fit for improvement. This configuration is still not “battle proven” so attempt it at your own risk 
It only works for HassOS but you can use the generated config to apply it in ResinOS version too, via USB import, I guess.
My main source of information were these three pages with information regarding nmcli (NetworkManager command line tool):
VLAN in HA:
-
Log into as root to the HASSOS base system via a console
-
At the
hassio >prompt, typelogin -
From here you will use the
nmcliconfiguration tool.
#nmcli connection showwill list the “HassOS default” connection in use. -
Create the VLAN interface with a static adress on eth0 (parent interface), defining ip, gateway and dns (adjust to your needs)
#nmcli con add type vlan con-name eth0@vlan10 dev eth0 id 10 ip4 10.0.0.2/8 ipv4.dns 10.0.0.1 gw4 10.0.0.1 -
Show connections again and it should list your new VLAN (fake uuids)
#nmcli connection show
NAME UUID TYPE DEVICE
HassOS Default aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa ethernet eth0
eth0@vlan10 bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb vlan eth0.10
-
To see more detailed info about the connection
#nmcli -p con show eth0@vlan10 -
Now enter the nmcli editor to “edit” your connection
#nmcli con edit eth0@vlan10 -
Just save the settings and properties and it should report a successful update to the connection
#nmcli> save -
To double check settings of the vlan interface
#nmcli> print ipv4 -
Quit the nmcli editor
#nmcli> quit -
Check for the creation of a new file with VLAN definitions (there should be a eth0@vlan10 file)
#ls -la /etc/NetworkManager/system-connections/ -
(optionally) Check the contents of the file (possible output bellow)
#cat /etc/NetworkManager/system-connections/eth0@vlan10
[connection]
id=eth0@vlan10
uuid=bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb
type=vlan
permissions=
timestamp=1546212011
[ethernet]
mac-address-blacklist=
[vlan]
egress-priority-map=
flags=1
id=10
ingress-priority-map=
parent=eth0
[ipv4]
address1=10.0.0.2/8,10.0.0.1
dns=10.0.0.1;
dns-search=
method=manual
[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto
-
Exit the session and reboot the HA host to test (after rebooting you can login to HassOS again like in 1st step and see if file with definitions still exists)
-
Profit!
Hope this helps someone getting somewhere!
Good luck!