SDN VLAN zone

UtilisateurCXS · 2025-12-22T11:57:42+0100

Here is my configuration, and I would like to understand why, because I thought that thanks to the vnet, the two VMs on the two vnets would not be able to ping each other, but they can.

Vmbr1 -> portX (trunk vlan 10 and 20)

First, you must have a bridge without vlan tagging:

Then create a VLAN-type zone:

Create the vnets with tags corresponding to your VLANs on your switch that are tagged:

I also tried to configure a rule, but I still get the same result:

Nemesiz · 2025-12-22T12:46:11+0100

Can you show VM network configuration ?

UtilisateurCXS · 2025-12-22T13:58:52+0100

UtilisateurCXS · 2025-12-22T14:47:32+0100

I would also like to know when to use the vnet firewall, because if isolation requires using the firewall above, the node firewall, then SDN is not very useful, is it?

Nemesiz · 2025-12-22T18:26:17+0100

Try to enable "VLAN Aware"

UtilisateurCXS · 2025-12-23T11:08:20+0100

This :

Or this :

Nemesiz · 2025-12-23T13:37:14+0100

VNet. Personally I`m not sure but lets try.

Search

Search

SDN VLAN zone

UtilisateurCXS

New Member

Attachments

Nemesiz

Renowned Member

UtilisateurCXS

New Member

Attachments

UtilisateurCXS

New Member

Nemesiz

Renowned Member

UtilisateurCXS

New Member

Nemesiz

Renowned Member

We value your privacy