[SOLVED] Configuring pve with vlan aware and host on specific vlan

O

oz1cw7yymn

Active Member
Feb 13, 2019
87
12
28
Hi all,

This is probably very easy for any regular networking engineer, but I'm stumped.

I am trying to set up a pve host on vlan 2 and I want to be able to configure VMs/CTs to be on any of the available VLANs. I'm just not getting it to work.

I've set everything up as I think it should be configured.

interfaces:
Code: 
iface eno1 inet manual

iface vmbr0 inet static
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

auto vmbr0.2
iface vmbr0.2 inet static
       address 10.2.1.10/24
       gateway 10.2.1.1

My switch has the port configured as trunk.

This doesn't work.

If I configure the switch to access, set the port vlan 2 and set the IP on the vmbr0, I can ping the IP. If I change the port vlan to something else, I won't get through.

So, it seems to be (but I might be wrong) that there is no problem with the network/switch/router configuration. Traffic is routed between vlan 1 and 2, and access port with vlan set works.

I've also configured the port as trunk, setting native vlan to 2, leaving the IP on vmbr0 (vmbr0 is still vlan aware). I can communicate with the host. If I start a vm, with VLAN tag 1, it will still get dhcp from vlan 2, so that won't work for my scenario.

If I then recreate the vlan vmbr0.2, move the IP to that device and apply, my pings to the host IP start failing. However, the VM still receives the DHCP response (from vlan2), suggesting to me that the bridge is not vlan aware and only the native vlan is used untagged.
 
Thanks!

I'm following the instructions in 3.4.8 in the documentation, a variant of this example:
Code: 
Example: Use VLAN 5 for the Proxmox VE management IP with VLAN aware Linux bridge

auto lo
iface lo inet loopback

iface eno1 inet manual


auto vmbr0.5
iface vmbr0.5 inet static
        address  10.10.10.2/24
        gateway  10.10.10.1

auto vmbr0
iface vmbr0 inet manual
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

Is that not in fact supported?
 
Code: 
auto eno1
iface eno1 inet manual

auto vmbr0
iface vmbr0 inet manual
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

auto vmbr0.2
iface vmbr0.2 inet static
       address 10.2.1.10/24
       gateway 10.2.1.1

don't forgot "auto ..." , and "vmbr0 inet manual" not static, because you don't have ip address on vmbr0

it should works.

(be carefull than some nic don't support 4094 vlans, so maybe you need to reduce the bridge-vids range.
 
  • Like
Reactions: hakayova, oz1cw7yymn and vesalius
I managed to resolve this and it seems I had two issues having nothing to do with my configuration above. The documentation and assistance from @spirit was all correct.

For anyone similarly network challenged, these are my unrelated issues.
One issue I was having was that I had incorrectly used a native vlan that wasn't 1, making vlan I was testing not work.
Another issue was that to remotely work with the machine, I had set an IP and gw on another nic, and the two gateways prevented the configuration to work properly.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back