Apply 802.1p CoS Value - Linux Bridge

virtualbitz

Member
Nov 6, 2020
38
4
13
33
Is it possible to have a Linux bridge apply an 802.1p header to packets when it's applying the 802.1q header? I have a virtual firewall running on proxmox VE and my ISP requires an 802.1p value of 3 and an 802.1q value of 2 to work properly. Right now I have to use a dedicated Linux bridge, tied to a dedicated physical interface, connected to a dedicated switch which is applying the 802.1q and 802.1p header.

I realize this is probably more a Linux bridge question, but I've been having a hard time finding information on this subject. I wanted to use an OVS bridge, which seems like it may support 802.1p headers, but I can't set a preferred interface on an OVS bond, which kills my design of having a 10g network and 1g network with the 10g network being preferred unless it's down.
 
Hi,

as far I understand you have to use TC to enable QoS witch is capable of supporting 802.1p.
This kind of setup is not supported and I would use another approche.
As I understand your setup correct all traffic between the dedicated switch and the VM/CT are handled by a virtual firewall?

If so use PCIe pass-through [1] the nic to the virtual firewall and do inside what you will do.

1.) https://pve.proxmox.com/wiki/PCI(e)_Passthrough
 
Thanks for the reply, unfortunately I couldn't get this to work with my virtual firewall. It's a Fortigate, and while I can set 802.1p for traffic that flows through firewall policies, it doesn't apply to kernel originated traffic like IPsec.

If this isn't supported and not recommended by you guys, I think I'm going to stick with my current setup. It works, I was just trying to do all of the tagging of 802.1q and p on the Proxmox host.
 
The OVS Methode should work.
Default the primary port is the fastest one, but you can use the options to set primary: <protname>.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!