Proxmox issue with multiple VLAN on single NIC on Unifi devices

P

Pfannkuchen

New Member
Jan 15, 2023
2
0
1
Hi guys,

I have an issue with my Proxmox server setup and hope you can help me to identify where this may come from. I already tried some articles from this forum, but none of them helped to solve my issue so far. Since I added two more disks to my Proxmox Server and restarted the server, I have the issue, that I can't pass vlans to host VMs anymore. Maybe there was an update activated by the reboot and as I thought it may be a bug, I updated Proxmox to 7.3.4. But the issue still remains.

On my Unifi Devices (Switch US-16-150, Firewall Unifi USG) I configured a port profile with native VLAN 100 and multiple tagged networks (VLANs 10, 20, 98,101,102, 103, 200) and assigned this profile to the port the Proxmox NIC is connected to. Within each network DHCP is activated, VLAN ID is assigned and fixed IPs of different network ranges (192.168.100.0/24, 192.168.101.0/24, etc.) are assigned to each host. To keep the troubleshooting simple, I reduced my current config in Proxmox to VLAN 100 (native) and VLAN 102 as an example.

In Proxmox I set up a Linux Bridge vmbr0 and set the flag "VLAN aware" and assigned this bridge to eno1 (the NIC were the Unifi port profile is assigned to). The vmbr1 holds the management IP and gateway, which is in native VLAN 100. Also I created for each VLAN an own Linux VLAN in my Proxmox network configuration. The VMs network device (virtio) is assigned to bridge vmbr0 and VLAN Tag is set, in this example to 102. Here is my current config of Proxmox network:

iface lo inet loopback auto eno1 iface eno1 inet manual auto eno2 iface eno2 inet manual iface eno3 inet manual iface eno4 inet manual auto vmbr0 iface vmbr0 inet static address 192.168.100.11/24 gateway 192.168.100.1 bridge-ports eno1 bridge-stp off bridge-fd 0 bridge-vlan-aware yes bridge-vids 10 20 98 100 101 102 103 200 auto vmbr0.100 iface vmbr0.100 inet manual auto vmbr0.102 iface vmbr0.102 inet manual

If I logon to a VM which should receive an IP from VLAN 102 the network adapter ens18 doesn't show any IP. When I run ifdown ens18 && ifup ens18, it tries to receive an IP via DHCP but fails after several attempts (message: No DHCPOFFERS reveceid).

When I remove the VLAN Tag from the VMs network config and run ifdown ens18 && ifup ens18 on the VM again, I receive immediately an IP of the native VLAN 100 network range.

Do I oversee something, do I have a wrong understanding or a mistake in my config? Problem could also caused by Unifi side, but I first want to check if my Proxmox network setup is correct.

I highly appreciate any hints or advice to improve my config, that VLANs and DHCP are available again.

Thanks, and kind regards
Michael
 
Last edited:
Hi,

short update from my side, because I was able to find a solution. I read somewhere in this forum, that when management IP and gateway from the native vlan is assigned to a vlan aware bridge, all traffic is untagged. Therefore I set up another Linux vlan aware Bridge and attached it to Proxmox server NIC #2. On switch side I configured the port policy on the port where NIC #2 is connected to. And then I set vlan tag for each vm and they where able to receive an IP from network DHCP.

I identified that vmbr0.100 and vmbr0.100 are not needed so I deleted them.

But now I have to use 2 NICs for Proxmox, 1 for management and 1 for all vlans.

Is there a way to have both functions (management and tagged vlans) on a single NIC?

Kind regards,
Michael
 
Last edited:
Yes it can be done on one interface.

I think that you are muddling VLAN aware and non VLAN aware Linux bridge configs. This seems to come up multiple times a a week.

Change your switch config to only send tagged traffic to the Proxmox host for the eno1 port.

To do what you want with a VLAN aware bridge:

Code: 
auto lo
iface lo inet loopback

auto eno1
iface eno1 inet manual

auto vmbr0
iface vmbr0 inet manual
    bridge-ports eno1
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094
#VLANs Bridge

auto Management
iface Management inet static
    address 192.168.100.11/24
    gateway 192.168.100.1
    vlan-id 100
    vlan-raw-device vmbr0
#PVE Management Interface

When you add a VM, specify Bridge as vmbr0 and specify the required VLAN Tag.

This can all be done via the GUI.
 
Last edited:
  • Like
Reactions: agarg
mjtbrady said:
Yes it can be done on one interface.

I think that you are muddling VLAN aware and non VLAN aware Linux bridge configs. This seems to come up multiple times a a week.

Change your switch config to only send tagged traffic to the Proxmox host for the eno1 port.

To do what you want with a VLAN aware bridge:

Code: 
auto lo
iface lo inet loopback

auto eno1
iface eno1 inet manual

auto vmbr0
iface vmbr0 inet manual
    bridge-ports eno1
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094
#VLANs Bridge

auto Management
iface Management inet static
    address 192.168.100.11/24
    gateway 192.168.100.1
    vlan-id 100
    vlan-raw-device vmbr0
#PVE Management Interface

When you add a VM, specify Bridge as vmbr0 and specify the required VLAN Tag.

This can all be done via the GUI.
Click to expand...
This is amazing.
Thanks.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back