Howto separate traffic from VM's using OVS vlans with the same gateway

[chris_lee]

Dear collegues,

I was really exited about the new ovs integration, as it would further simplify and centralize the administration of cluster installations.
So I tried to switch to ovs. I run 2 NICs that form a bond and a ovs_bridge that is connected to the bond. This setting is working so far.

Now I want to capsulate the network of a group of (KVM) VM`s, so they can no longer talk to each other but still can use the internet connection.
I was thinking of something like this: vm1 => vlan1, vm2 => vlan2, vm3+4+5 =>vlan3
How does this setup correspond to the proxmox network configuration?

The /etc/network/interfaces of my test-setup looks like this:

[FONT=Menlo]iface eth2 inet manual[/FONT]
[FONT=Menlo]iface eth1 inet manual[/FONT]
[FONT=Menlo]
[/FONT]
[FONT=Menlo]allow-vmbr0 bond0[/FONT]
[FONT=Menlo]iface bond0 inet manual[/FONT]
[FONT=Menlo]        ovs_bonds eth1 eth2[/FONT]
[FONT=Menlo]        ovs_type OVSBond[/FONT]
[FONT=Menlo]        ovs_bridge vmbr0[/FONT]
[FONT=Menlo]        ovs_options bond_mode=balance-slb[/FONT]
[FONT=Menlo]
[/FONT]
[FONT=Menlo]auto vmbr0[/FONT]
[FONT=Menlo]iface vmbr0 inet static[/FONT]
[FONT=Menlo]        address  192.168.178.63[/FONT]
[FONT=Menlo]        netmask  255.255.255.0[/FONT]
[FONT=Menlo]        gateway  192.168.178.1[/FONT]
[FONT=Menlo]        ovs_type OVSBridge[/FONT]
[FONT=Menlo]        ovs_ports bond0[/FONT]

I´ve read the ovs tutorial of the wiki. Do I really need to use OVSIntPorts for every vlan? This would make a reboot necessary after every adding new vlans, which would not be practical for productive setups.

Chris