Linux Bridge Equivalent with OVS? (Single Tagged Bridge)

baggar11

Renowned Member
Aug 14, 2015
26
1
68
Portland, OR
www.puddlehunters.net
I'm running Proxmox 4.4 w/ OpenvSwitch installed. I recently grabbed a 10g sfp+ card for the server and have it trunked to my firewall.

vlan 1 is native and untagged
vlan 10 is tagged
vlan 20 is tagged
vlan 100 is tagged

What I'm trying to do seems to be running me in circles. I've rebooted my Proxmox host over a 100 times in the last couple days trying different configs and cannot seem to get it working.

What I would like to do is setup an openvswitch bridge that "tags" all traffic on a defined vlan number, like 100. What I think is happening is, whenever I set a vlan on the bridge, that becomes the native vlan and then I get no test container connectivity. And in some cases, the bridge just doesn't come up due to a configuration error and then my test container won't even start.

So, what are the simple GUI steps in creating a bridge that will tag all traffic to a specific vlan? So that when I create a VM or container, all I have to do is assign the bridge interface and the vm will automatically be talking on that predefined vlan.

Can this be done with OpenvSwitch? Should I be using regular Linux bridges? Is it only configurable through the CLI?

example
vmbr100(on eth1) is vlan 100 only traffic that is "tagged"
create guest VM and assign vmbr100, do not configure vlan
Success!

Thanks!
 
Ok, just a follow up. Looks like most of this was a hardware issue from my quick testing. I had plugged into, what I thought was, port eth1. Although, I had replaced the motherboard on my proxmox host a couple months back and realized in my testing that eth1 wasn't UP. I then noticed my new udev rules had rearranged the ethX ports around. So I tested again once I had another interface that was UP and found the following.

1. Create Linux Bridge vmbr100 with VLAN aware option on eth1.100. Test VM on vmbr100 and no VLAN configured. Success!
2. Create OVS Bridge on eth1 with ovs_option of tag=100. The ovs bridge doesn't even come up. Errors saying 1 or 3 arguments is needed.
3. Create OVS Bridge on eth1. Test VM with VLAN 100 configured. Success.

So it sounds like #1 is what I was after. Anyone know if it's possible to replicate #1 with OVS?
 
>>So it sounds like #1 is what I was after. Anyone know if it's possible to replicate #1 with OVS?

first , for linux bridge, you don't need vlan aware if you don't use vlan in your vm.

and for ovs, this is exactly the same setup.
create an ovs bridge, and put eth1.100 inside it.

(and if you need only 1 vlan, you can also simply force it on your physical switch, and don't setup any vlan on proxmox)
 
first , for linux bridge, you don't need vlan aware if you don't use vlan in your vm.

and for ovs, this is exactly the same setup.
create an ovs bridge, and put eth1.100 inside it.

Ok, I guess I hadn't tested the Linux Bridge without the vlan aware option. I'll test that out.

And, when I try to create an OVS Bridge with port eth1.55, I get an error, unable to find port.
 
I think this is wrong..i think, you have to add vlan55 separat.
Evtl you can show your /etc/network/interfaces and someone find your problem...

That's the example from the wiki page that allows the Proxmox host to communicate on the VLAN, not to tag the bridge. Unless I'm misunderstanding you.

Here's my current /etc/network/interfaces. Basically, just Linux bridges for all vlans and a untagged vlan using OVS.

Code:
auto lo
iface lo inet loopback

iface eth2 inet manual

iface eth3 inet manual

iface eth1 inet manual

allow-vmbr0 eth4
iface eth4 inet manual
        ovs_type OVSPort
        ovs_bridge vmbr0

iface eth0 inet manual

auto vmbr100
iface vmbr100 inet static
        address  192.168.100.91
        netmask  255.255.255.0
        bridge_ports eth4.100
        bridge_stp off
        bridge_fd 0
        bridge_vlan_aware yes
#MGMT

auto vmbr30
iface vmbr30 inet manual
        bridge_ports eth4.30
        bridge_stp off
        bridge_fd 0
        bridge_vlan_aware yes
#wifi_camas, pf_norm

auto vmbr40
iface vmbr40 inet manual
        bridge_ports eth4.40
        bridge_stp off
        bridge_fd 0
        bridge_vlan_aware yes
#pf_reg, no route

auto vmbr50
iface vmbr50 inet manual
        bridge_ports eth4.50
        bridge_stp off
        bridge_fd 0
        bridge_vlan_aware yes
#pf_iso, no route

auto vmbr99
iface vmbr99 inet manual
        bridge_ports eth4.99
        bridge_stp off
        bridge_fd 0
        bridge_vlan_aware yes
#DMZ

auto vmbr88
iface vmbr88 inet manual
        bridge_ports eth4.88
        bridge_stp off
        bridge_fd 0
        bridge_vlan_aware yes
#VPN

auto vmbr0
iface vmbr0 inet static
        address  192.168.10.91
        netmask  255.255.255.0
        gateway  192.168.10.1
        ovs_type OVSBridge
        ovs_ports eth4
#Servers, LAN
 
look here:
https://pve.proxmox.com/wiki/Open_vSwitch#Example_1:_Bridge_.2B_Internal_Ports_.2B_Untagged_traffic
...
allow-vmbr100 vlan100
iface vlan100 inet static
address 192.168.100.91
netmask 255.255.255.0
ovs_type OVSIntPort
ovs_bridge vmbr100
ovs_options tag=100
ovs_extra set interface ${IFACE} external-ids:iface-id=$(hostname -s)-${IFACE}-vif
#MGMT

But this only one fragment..for the whole interfaces you have to read the wiki again.
The Question is, if you really need more than one bridge...
And depending on your usecase...its enough / easier to use linux-bridges and eventually enable the vlan on your vm`s/containers config...
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!