Open vSwitch with CTs and VLANs

MimCom

Active Member
Apr 22, 2011
204
3
38
Southwest NM
Thanks mostly to Mr. Holmes, I now have my basic OVS configuration working on PVE.

There appear to be some challenges when using VLANs with CTs. To summarize:


Assigning venet IP addresses would really be the best option, but does not appear work with VLANs.


Assigning a veth interface and configuring inside the CT has limitations:

Standard linux syntax for VLANs in ifconfig scripts do not appear work in CTs.

I created a veth named eth0.55 for ct103 using the PVE GUI. It did create the port, but as an untagged standard Ethernet instead of a vlan 55 tagged interface like you might expect. This is a Centos 6 CT, so I used system-config-network to add the interface to the local config. Turns out system-config-network does not understand VLANs yet, so I manually added the line VLAN=yes to /etc/sysconfig/network-scripts/ifcfg-eth0.55 that it created -- which made the script stop working completely. I'm guessing the lack of the 8021q kernel module in the CT is probably the cause of this.

Once that got straightened out, I still had to add the internal veth address (the one the host sees) into the bridge with the proper vlan tag from the command line of the host:

ovs-vsctl add-port vmbr0 veth103.0 tag=55

After this, things work as expected.


Hopefully the PVE GUI will evolve a bit on VLANs. Let me suggest one option: Whenever a veth is created having a dot.something numerical name, parse the digits to the right of the dot and use those to assign a vlan to the internal (host) port in OVS. If you want to make it even easier to read the configs, use the same digits to postpend the internal port name when it is created (e.g. veth103.55 instead of veth103.0)
 
Last edited:
Any updates on OVS with containers?

Just had to restart a node, and would love to find a way to eliminate these manual steps from startup:

ovs-vsctl del-port vmbr0 veth107.0
ovs-vsctl add-port vmbr0 veth107.0 tag=11
 
OK, have 3.3 running and see the info in the GUI. Nice!

It shows the existing VLAN config, but all are marked as No in the Autostart column and when I click on Edit, the dialog has no option for autostart that I can see?
 
OK, seems like there is no need for an Autostart on the VLANs as enumerated in the node's Network tab. Once the VLAN ID is entered into the CT's Network tab, the config persists across a reboot.

Thanks -- been waiting years to be able to fully utilize VLANs in CT's!
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!