I'm running Vyatta in a VM as my firewall and wish to use vlan trunking to simplify my configuration (I have 80 or so vlans). Is it possible to just pass through one interface into the VM that contains the entire trunk?
forwarding a full vlan trunk into a VM
- Thread starter prometheanfire
- Start date
Just so people know. Found this.
My solution will be to have eth0 -> br0 -> vif and split of vlans based on br0, not eth0
Found the solution here - http://blog.davidvassallo.me/2012/05/05/kvm-brctl-in-linux-bringing-vlans-to-the-guests/
One way that proxmox can fix this is to do the following.
eth0 -> br0 to get the tagged trunk onto br0
br0.1, br0.2, br0.3, etc are created using vconfig and exist as untagged interfaces. You can add these untagged interfaces to other bridges and use those bridges in vms. You can also use br0 directly as a bridge for VMs (so they see all the vlans on the trunk that you have defined). He didn't define the adding of br0.3 and the like to other bridges in the blog, but you can do that
hope that makes sense
My solution will be to have eth0 -> br0 -> vif and split of vlans based on br0, not eth0
Found the solution here - http://blog.davidvassallo.me/2012/05/05/kvm-brctl-in-linux-bringing-vlans-to-the-guests/
One way that proxmox can fix this is to do the following.
eth0 -> br0 to get the tagged trunk onto br0
br0.1, br0.2, br0.3, etc are created using vconfig and exist as untagged interfaces. You can add these untagged interfaces to other bridges and use those bridges in vms. You can also use br0 directly as a bridge for VMs (so they see all the vlans on the trunk that you have defined). He didn't define the adding of br0.3 and the like to other bridges in the blog, but you can do that
hope that makes sense
Just so people know. Found this.
My solution will be to have eth0 -> br0 -> vif and split of vlans based on br0, not eth0
Found the solution here - http://blog.davidvassallo.me/2012/05/05/kvm-brctl-in-linux-bringing-vlans-to-the-guests/
One way that proxmox can fix this is to do the following.
eth0 -> br0 to get the tagged trunk onto br0
br0.1, br0.2, br0.3, etc are created using vconfig and exist as untagged interfaces. You can add these untagged interfaces to other bridges and use those bridges in vms. You can also use br0 directly as a bridge for VMs (so they see all the vlans on the trunk that you have defined). He didn't define the adding of br0.3 and the like to other bridges in the blog, but you can do that
hope that makes sense
sorry link is down ... i need that, too ... in the gui? in 2.2?
sorry link is down ... i need that, too ... in the gui? in 2.2?
Odd, link worked for me. I'll describe the commands needed though.
In this example I have two vlans, vlan 2 and 4. vlan 4 is for a group of vms, untagged. vlan 2 is tagged only.
I have vms 110-112 on vlan 4 untagged.
I have vm 113 on vlan 2 and 4 tagged.
Code:
brctl addbr br-trunk
brclt addbr br-vlan4
brctl addif br-trunk eth0
vconfig add br-trunk 2
vconfig add br-trunk 4
brctl addif br-vlan4 br-trunk.4
brctl addif br-vlan4 tap110i0
brctl addif br-vlan4 tap111i0
brctl addif br-vlan4 tap112i0
brctl addif br-bridge tap113i0
ifconfig br-trunk up
ifconfig br-vlan4 up
ifconfig br-trunk.2 up
ifconfig br-trunk.4 up
ifconfig tap110i0 up
ifconfig tap112i0 up
ifconfig tap113i0 up
ifconfig tap114i0 up
ifconfig eth0 upThat should do it.
you can integrate this in with proxmox's networking as a 'patch' like this.
You create the bridges with nothing but the VMs attached. Then you script out the building of the vlans and bridges and add that script to rc.local
here is my script, note that even though I add bridges that already exist (just making sure they exist really) it doesn't mater since it's more of a silent failure, I may remove those lines when I trust this setup more.
You create the bridges with nothing but the VMs attached. Then you script out the building of the vlans and bridges and add that script to rc.local
here is my script, note that even though I add bridges that already exist (just making sure they exist really) it doesn't mater since it's more of a silent failure, I may remove those lines when I trust this setup more
.
Code:
#!/bin/bash
brctl addbr vmbr1
brctl addif vmbr1 eth1
vconfig add vmbr1 2
vconfig add vmbr1 3
vconfig add vmbr1 4
vconfig add vmbr1 5
vconfig add vmbr1 6
vconfig add vmbr1 7
vconfig add vmbr1 9
vconfig add vmbr1 10
vconfig add vmbr1 11
vconfig add vmbr1 12
vconfig add vmbr1 13
ifconfig eth0 up
ifconfig vmbr1 up
ifconfig vmbr1.2 up
ifconfig vmbr1.3 up
ifconfig vmbr1.4 up
ifconfig vmbr1.5 up
ifconfig vmbr1.6 up
ifconfig vmbr1.7 up
ifconfig vmbr1.8 up
ifconfig vmbr1.9 up
ifconfig vmbr1.10 up
ifconfig vmbr1.11 up
ifconfig vmbr1.12 up
ifconfig vmbr1.13 up
brctl addbr vmbr3
brctl addbr vmbr6
brctl addbr vmbr13
ifconfig vmbr3 up
ifconfig vmbr6 up
ifconfig vmbr13 up
brctl addif vmbr3 vmbr1.3
brctl addif vmbr6 vmbr1.6
brctl addif vmbr13 vmbr1.13