Vlan Help

[crumb4life]

I am struggling to get Vlan's to work on Proxmox, I just moved over from ESXI(so I am used to port groups etc and vswitches)
I am trying to do what I think is a simple setup, but it is proving to not be.
Right now 2 nice
One is the Management NIC
One is my VLAN 255 nic that hooks to a HP switch in trunk mode with VLan 30, 254-255 membership.

auto lo
iface lo inet loopback

iface enp2s0 inet manual

iface enp4s0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.253.2/24
        gateway 192.168.253.1
        bridge-ports enp2s0
        bridge-stp off
        bridge-fd 0

auto vmbr255
iface vmbr255 inet manual
        bridge-ports enp4s0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

auto vlan255
iface vlan255 inet manual
        vlan-raw-device vmbr255
        vlan-id 255

The VM is on bridge vmbr255 with vlan tag of 255

In this config I can prom the proxmox ssh console ping the ip 192.168.255.100 which is the static ip of the box.
The box itself can't ping anything the gatway 192.168.255.1 or anything else.
What am I missing?

 

[bobmc]

That looks to be correct, the management interface vmbr0 will be on whichever VLAN is untagged on the switch port for enp2s0

If you create a VM or CT and provision a NIC hosted on vmbr255, and set a VLAN tag of 255 then the VM network traffic will be on VLAN 255, if DHCP is enabled for that VLAN then the VM will receive an address in that scope, if not you would need to configure a static IP and Gateway

 

[aaron]

If I understand you correctly, you have the mgmt NIC which is in your case vmbr0 which is using the physical NIC enp2s0.

What do you want to achieve with the other interface which is connected to the trunk?

If you want to have VMs which are placed in these VLANs you can do it differently. Because right now, the vmbr255 and vlan255 setup does not really make sense to me.

Only `vmbrN` interfaces can be used to connect the NIC of a VM to. The bridges are basically virtual switches. If VMs should be able to set VLANs themselves you will have to make the bridge VLAN aware.
If you only want to configure the VLAN tag externally (NIC in the VMs hardware panel) you don't need the bridge to be VLAN aware. In either way, Proxmox VE will set up the network, so that the VLANs are configured accordingly (you can check the differences if you run ip all with a VLAN aware bridge and without). This is similar to configuring a switch port with a VLAN untagged.

If the mgmt interface will never be used by a VM, you could remove the vmbr0 and configure the IP directly on the physical interface.

AFAICT there is no need for the vlan255 interface and the vmbr255 could be named vmbr0 as the first "switch" to which VMs can be connected to.

 

[crumb4life]

I finally did get it to work with this config.

auto lo
iface lo inet loopback

iface enp2s0 inet manual

iface enp4s0 inet manual

iface enp8s0f0 inet manual

iface enp8s0f1 inet manual

iface enp9s0f0 inet manual

iface enp9s0f1 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.253.2/24
        gateway 192.168.253.1
        bridge-ports enp2s0
        bridge-stp off
        bridge-fd 0

auto vmbr255
iface vmbr255 inet manual
        bridge-ports enp9s0f1 enp8s0f1
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094
#DMZ

and then just tagging the VM with 255