Doubt About VLANs

Discussion in 'Proxmox VE: Networking and Firewall' started by izaak, Sep 13, 2018.

  1. izaak

    izaak New Member

    Joined:
    Sep 13, 2018
    Messages:
    3
    Likes Received:
    0
    Hey, I was reading the docs and made some tests trying to understand how VLAN works with bridges, something that I'm not used to.

    As far as I understand, it looks like:
    VLAN aware is for multiple VLANs on one interface/bridge and it's guest, without creating a eth.x to each x VLAN that I have, and for it works, I need to create a bridge, associate it with my desired interface, mark vlan-aware option and then, inside the VMs network interface's mark my tagged VLAN, and then mark it inside my host(in my case, pfsense WAN interface), right?

    And for bridge without vlan aware, I need to create one interface eth.x for each vlan and associate it with a new bridge, it will be a bridge per vlan, and then I just put the interface on my guest network interface's tab and it will be seen by my host, right?

    I tried the two approaches, but it didn't work. I think I misunderstood something in VLAN configuration, so It's just for learning purposes, if someone can clarify it a bit, I'll be very grateful :)
     
  2. dietmar

    dietmar Proxmox Staff Member
    Staff Member

    Joined:
    Apr 28, 2005
    Messages:
    16,257
    Likes Received:
    276
    You simply create a bridge. Then you assign the VLAN tag on the GUI - it's a VM network configuration.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. izaak

    izaak New Member

    Joined:
    Sep 13, 2018
    Messages:
    3
    Likes Received:
    0
    So, if I put a bridge vmbr1 with my eth.x assigned to it and then, in VM network options, assign a tag x to my interface based on the bridge vmbr1, I will see the tagged frames inside my VM, right?

    So, I have a enp11s0, and I made a bridge vmbr30 with enp11s0.30 assgined to it, on GUI, and then in my VM I created a net1 with vmbr30 and tag=30. In my brctl show, it looks like:

    bridge name bridge id STP enabled interfaces
    vmbr0 8000.5cf3fcfd67f2 no enp6s0
    tap102i0

    vmbr30 8000.5cf3fcfd67f3 no enp11s0.30

    vmbr30v30 8000.5cf3fcfd67f3 no enp11s0.30.30
    tap102i1

    So, if I tag my virtual interface(tap102i1), it creates a new enp11s0.30.30 and bridge vmbr30v30, as I understood, if I create a bridge I cannot tag it on my interface, because it will tag the vlan 2 times, is that correct?

    I tried creating the bridge without tagging and it looks like:
    bridge name bridge id STP enabled interfaces
    vmbr0 8000.5cf3fcfd67f2 no enp6s0
    tap102i0

    vmbr30 8000.5cf3fcfd67f3 no enp11s0.30
    tap102i1

    I tried both ways, tried to search for VLAN tag in all interfaces with tcpdump(tcpdump -vv -i iface -e vlan) and it seems my tagged traffic(port is set to vlan 30 as access mode on switch) only shows on my physical enp11s0, not vmbr30 or enp11s0.30, if I can't see it on my virtual interfaces I cannot see it on my host, right? Is something that I made wrong?
     
  4. dietmar

    dietmar Proxmox Staff Member
    Staff Member

    Joined:
    Apr 28, 2005
    Messages:
    16,257
    Likes Received:
    276
    no - simply use eth (no vlan tag here) for the bridge.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. izaak

    izaak New Member

    Joined:
    Sep 13, 2018
    Messages:
    3
    Likes Received:
    0
    Hi,

    I tried this and didn't setup a vlan on interface of my pfsense and it worked, like in Xenserver.

    If you can clarify one more doubt, if I have multiple VLANs(proxmox connected to a trunk port) on same physical interface, the best approach is using my vmbr with VLAN aware and setup the vlan tags inside my VM's network configuration?

    Thanks!
     
  6. dietmar

    dietmar Proxmox Staff Member
    Staff Member

    Joined:
    Apr 28, 2005
    Messages:
    16,257
    Likes Received:
    276
    Yes, this should work.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice