Assign multiple vlan tags to one vm

P

padi

Member
Sep 7, 2018
22
0
6
30
Hi :)

I'm wandering if I can assign multiple vlan tags to one vm

It is possible? If yes, how?

I'm trying to get something like
Code: 
openvpn.vm (10.10.0.2)  <===>  ctrl.vm  (10.10.0.3)
                               vmX.1    (10.10.X.2)
                               vmX.2    (10.10.X.3)
where 10.10.0.x is in VLANY, VLANY is the main ( global ) vlan
and 10.10.X.X is in VLANX.
So all packages from VLANY have access to any of VLANX and packages from VLANX have access to VLANY.

There will be more than 32 subnets so adding a nic for every subnet is not an option.

Thanks,
Adrian
 
Last edited:
If you have a vlan-aware bridge you can configure all the VLANs inside the VM. If you set the VLAN outside, in the config for the NIC interface, it will behave like an untagged switch port and the VM itself has no knowledge of a VLAN.
 
aaron said:
If you have a vlan-aware bridge you can configure all the VLANs inside the VM.
Click to expand...
I cannot set the vlan inside vm
aaron said:
If you set the VLAN outside, in the config for the NIC interface, it will behave like an untagged switch port and the VM itself has no knowledge of a VLAN.
Click to expand...

my first try is:
Code: 
iface eno2 inet manual
iface eno2.1 inet manual
iface eno2.5 inet manual

auto vmbr1v1
iface vmbr1v1 inet static
        address  10.10.10.2
        netmask  255.255.0.0
#        gateway  10.10.10.1
        bridge_ports eno2.5
        bridge_stp off
        bridge_fd 0

auto vmbr1v5
iface vmbr1v5 inet static
        address  10.10.15.2
        netmask  255.255.0.0
        #gateway  10.10.10.1
        bridge_ports eno2.5
        bridge_stp off
        bridge_fd 0

auto vmbr1
iface vmbr1 inet manual
        bridge_ports eno2
        bridge_stp off
        bridge_fd 0
and if I apply a tag in the proxmox vm's network config, I can't ping a vm without VLAN tag. Can I set, somehow, 2 or multiple vlan tags to the proxmox vm's network config

What I'm trying to achieve is a MASTER subnet/vlan which will have access to all SLAVES subnets/vlans and all SLAVES have access only to them or to MASTER. Same as first post <code>
 
I found this in docs:
trunks=<vlanid[;vlanid...]>
VLAN ids to pass through the interface
Click to expand...
This is for the scenario when the VLAN is set inside the VM?
 
I think I find a solution ...
Code: 
auto vmbr1
iface vmbr1 inet static
        address 10.10.1.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0

auto vmbr2
iface vmbr2 inet static
        address 10.10.2.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0

auto vmbr3
iface vmbr3 inet static
        address 10.10.3.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0
and add sysctl -w net.ipv4.ip_forward=1 and forward all traffic to/from vmbr1
Code: 
iptables -A FORWARD -i vmbr1 -j ACCEPT
iptables -A FORWARD -o vmbr1 -j ACCEPT
so vmbr1 is able to communicate with both vmbr2 and 3 and vmbr2 only with vmbr1, same for vmbr3
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back