How to configure Vlans for Proxmox VE

W

waqasbj

New Member
Oct 17, 2010
3
0
1
Hi ,

First of all , thank you for the great product. It is fantastic.

I have a question regarding vlan tagging.

We have 4 different vlans in our org. I have couple of machine that belongs to different vlans. e.g windows server is needed one vlan id 1 and 2. linux is require on 3 and 4. Is there a way to achieve this.

Can anybody explain how i can achieve this.

Kind Regards,
 
waqasbj said:
Hi ,

First of all , thank you for the great product. It is fantastic.

I have a question regarding vlan tagging.

We have 4 different vlans in our org. I have couple of machine that belongs to different vlans. e.g windows server is needed one vlan id 1 and 2. linux is require on 3 and 4. Is there a way to achieve this.

Can anybody explain how i can achieve this.

Kind Regards,
Click to expand...
Hi,
thats easy - use the build-in linux function for 802.1q.

Example for /etc/netwok/interfaces:
Code: 
# network interface settings
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static

auto eth0.1
iface eth0.1 inet static

auto eth0.2
iface eth0.2 inet static

auto eth0.3
iface eth0.3 inet static

auto eth0.10
iface eth0.10 inet static

auto vmbr0
iface vmbr0 inet static
    address  192.168.100.111
    netmask  255.255.255.0
    gateway  192.168.100.1
    bridge_ports eth0.10
    bridge_stp off
    bridge_fd 0

auto vmbr1
iface vmbr100 inet manual
    bridge_ports eth0.1
    bridge_stp off
    bridge_fd 0

auto vmbr2
iface vmbr100 inet manual
    bridge_ports eth0.2
    bridge_stp off
    bridge_fd 0

auto vmbr3
iface vmbr3 inet manual
    bridge_ports eth0.3
    bridge_stp off
    bridge_fd 0

Udo
 
Hi,

Thanks for the hint. I have been playing with these settings for now couple of days and cannot make them to work.

Below settings work for me but i dont want to assign an ip to proxmox server. I just to to assign ip to my vm using this trunk which is not working.

auto eth0.1
iface eth0.1 inet static

auto vmbr0
iface vmbr0 inet dhcp
bridge_stp off
bridge_fd 0


Can this be something to do with the virtual network drive i am using ? I have tried using e1000 and rtl8139.

I want to use this vlan with windows. With debain it work as i can vlan tag it from inside that vm.

I hope that make sense. If not please let me know and i will try to explain more.

Kind Regards,
Moh
 
Hi,

I tried that, too. I didn´t work for me. I could not passthrough tagging information to my virtual machine. Perhaps the bridge has to be configured a different way.

macday
 
waqasbj said:
Hi,

Thanks for the hint. I have been playing with these settings for now couple of days and cannot make them to work.

Below settings work for me but i dont want to assign an ip to proxmox server. I just to to assign ip to my vm using this trunk which is not working.

auto eth0.1
iface eth0.1 inet static

auto vmbr0
iface vmbr0 inet dhcp
bridge_stp off
bridge_fd 0


Can this be something to do with the virtual network drive i am using ? I have tried using e1000 and rtl8139.

I want to use this vlan with windows. With debain it work as i can vlan tag it from inside that vm.

I hope that make sense. If not please let me know and i will try to explain more.

Kind Regards,
Moh
Click to expand...
Hi,
perhaps you can bridge ethx and use the vlan-tagging inside the guest...

But i prefer the vlan-splitting on the proxmox host and use simply two nics inside the guest if you need two networks(without tagging, of course). Where is the problem?

Udo

EDIT: And your proxmox-node need only one IP to be reachable (vmbr0) - all other vmbr don't need a IP, with or without vlan tagging.
 
@Udo - In your example, which interface on your PX Host is physically connected to the 802.1q trunk port on your switch?

I have a 3node PX cluster and Cisco gear. Each host/node has 4 NICs. I am trying to do something like this:

PX Hosts/Nodes Cisco Switch

....................................................----Eth0-----------------------port22(access port VLAN "SAN VLAN")
...................................................|
.Bond for ISCSI with IP address-----
...................................................|
.....................................................---Eth1-----------------------port23(access port VLAN "SAN VLAN")


................................................----Eth2-----------------------port24(setup as trunk port 802.1Q VLAN allow all)
...............................................|
.(multiple vmbr)----Bond-------------
...............................................|
...............................................---Eth3-----------------------port25(setup as trunk port 802.1Q VLAN allow all)
 
Last edited:
  • Like
Reactions: Zerokurns
mdn said:
@Udo - In your example, which interface on your PX Host is physically connected to the 802.1q trunk port on your switch?

I have a 3node PX cluster and Cisco gear. Each host/node has 4 NICs. I am trying to do something like this:

PX Hosts/Nodes Cisco Switch

....................................................----Eth0-----------------------port22(access port VLAN "SAN VLAN")
...................................................|
.Bond for ISCSI with IP address-----
...................................................|
.....................................................---Eth1-----------------------port23(access port VLAN "SAN VLAN")


................................................----Eth2-----------------------port24(setup as trunk port 802.1Q VLAN allow all)
...............................................|
.(multiple vmbr)----Bond-------------
...............................................|
...............................................---Eth3-----------------------port25(setup as trunk port 802.1Q VLAN allow all)
Click to expand...
Hi,
in the example isn't any trunk. I have no experiences with vlan-tagging over trunks... some people have trouble with this (i assume it's depends also on the switch).
If you have trouble, whats about something like this:
eth2: vlan 1-50
eth3: vlan 51-100
OK, you have no true balanced nics and no failover (but NICs are very stable).

Udo
 
So using your example, would I just have an access port on the Cisco with those VLANs allowed?
Does this cause any security problems(ie. a possible bridge between VLANs at that point)?
How do you identify on the new vmbr which VLAN it belongs to with Proxmox?

I didn't want to resurrect an old thread, but I am having trouble finding this specific info.

Thank you very much for replying.
 
mdn said:
So using your example, would I just have an access port on the Cisco with those VLANs allowed?
Click to expand...
right!
Does this cause any security problems(ie. a possible bridge between VLANs at that point)?
Click to expand...
no - your pve-host has only the vlan as bridged device - only possible, if you assign an ip-address to that bridge (not necessary). But of course you must look what your VMs are doing if they have more than one vlan connected.
How do you identify on the new vmbr which VLAN it belongs to with Proxmox?
Click to expand...
I use the same number for vlan and bridge - e.g. vlan20 was assigned to vmbr20.

Udo
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back