Need help to change from default Linux bridge to openvswitch

J

jaggedtoaster

Renowned Member
Oct 25, 2015
5
0
66
I just installed Proxmox 4.0. The host has two NICs. I would like to change completely over to openvswitch instead of using the default Linux bridging. I have successfully install openvswitch and have created vmbr1 as an OVS bridge using eth1 with an IP address in the same subnet as vmbr0. I successfully moved my single guest to it.

However, I now want to remove vmbr0 so that I can add eth0 to the vmbr1 OVS bridge. When I try to remove or disable vmbr0 I can no longer access the Proxmox host via either IP address. I even tried leaving vmbr0 and vmbr1 entirely up and enabled, just disconnecting the network cable to eth0. With eth0 down I cannot access the vmbr0 IP or the vmbr1 IP address. I figured I may not be able to access the vmbr0 IP, but thought vmbr1 should have remained up. With eth0 down I can still access the guest.

Is there a way to get rid of the original vmbr0 or do I have to keep it around just so I can access the Proxmox web interface?

My /etc/network/interfaces file contains:

auto lo
iface lo inet loopback

iface eth0 inet manual

allow-vmbr1 eth1
iface eth1 inet manual
ovs_type OVSPort
ovs_bridge vmbr1

auto vmbr0
iface vmbr0 inet static
address 10.0.0.100
netmask 255.255.255.0
bridge_ports eth0
bridge_stp off
bridge_fd 0

auto vmbr1
iface vmbr1 inet static
address 10.0.0.99
netmask 255.255.255.0
gateway 10.0.0.1
ovs_type OVSBridge
ovs_ports eth1
 
Hi,
if you remove the vmbr0 then you have change the /etc/hosts ip.
this is the Ip where the pveproxy is listen on.
 
Thanks for your suggestion. I did update /etc/hosts so that 10.0.0.99 is in place instead of 10.0.0.100. Unfortunately after a reboot the behavior was the same. I am not able to reach or ping 10.0.0.99 or 10.0.0.100 if I disconnect eth0.

One interesting point is that the arp table on a client connected to the same network shows that 10.0.0.99 and 10.0.0.100 share the same MAC. I would have thought they would be different.

Are there any other suggestions around this? I appreciate the help as I am new to Proxmox!
 
Sorry, I take it back about the MAC. I looked more closely and they do have different MAC addresses in the arp table. 10.0.0.100 is associated with eth0 via vmbr0 and 10.0.0.99 is associated with eth1 via vmbr1. I do notice that in the syslog when I disconnect eth0 and reconnect it the message "vmbr0: port 1(eth0) entered forwarding state" is logged. Do both vmbr0 and vmbr1 forward? Or is that something that must be manually changed so that forwarding is performed via eth1?
 
what i did is the following


  1. fresh install
  2. apt-get install openvswitch-switch
  3. log into proxmox gui
  4. delete vmbr0

  • create ovsbond with eth0 and eth1, create ovsbridge with bond as port, create ovsintport for your IP (proxmox gui) on your ovsbridge.​
or​

  • create ovsbridge with port eth0, create ovsbridge with eth1, create ovsintport with vmbr0 or vmbr1 as port for your IP (proxmox access).​

  1. reboot proxmox
  2. if you do not get gui access:

  • log into proxmox (local terminal)
  • execute /etc/init.d/networking restart (from there on in it should work properly)


you can do the complete config via Gui, only on advanced configs like e.g. jumboframes you will need to manually edit nano /etc/network/interfaces .


if in doubt, check the wiki:
https://pve.proxmox.com/wiki/Open_vSwitch
 
Last edited:
Thanks very much for your reply. I was able to delete the original vmbr0 and setup an openvswitch vmbr0 in its place. I've gone with the setup of having two openvswitch bridges each with one of the physical NICs assigned.

I did not create an ovsintport, but instead just assigned an IP to the bridge. Is there any advantage to using ovsintport instead, or just required to have IP addresses on each VLAN?

I was hoping to have one openvswitch with both NICs assigned, but it appears that cannot be done unless they are in a bond? I am using this for a simple home setup so I had wanted one physical NIC to connect to the inside network and one to the Internet side. Then I would have provided separation via VLANs and tagging internally while assigning each NIC to the correct VLAN and setting them to send out untagged traffic.

This setup with two openvswitch bridges will work for me. I mostly wanted to be able to use the port mirroring.

Thanks again!
 
The wiki states
Remember, if you want to split out vlans with ips for use on the local host, you should use OVSIntPorts, see sections to follow.

and i am pretty sure i've seen a bunch of replies from support, that state your not supposed to put ip's on your bridges.

Personally i am not sure why.

But lets assume you have

Bond0
vmbr0
vlan0 10.0.1.1 tagged=4000


bond1
vmbr1
vlan1 10.1.1.1 tagged=1
vlan192 192.168.2.101 tagged=192
vlan83 83.223.123.1 untagged

it would make at least managing stuff alot easier :p


 
Thanks very much! I have modified my config to us an OVSIntPort. I appreciate that you took time to reply and share this useful information.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back