Ok, I've read over the different guides for OVS bridges with vlans, but I can't seem to get my problem solved without resorting to the CLI, which I don't want to do after my system goes live.
I have a VM guest that is essentially a router, and normally expects the hardware it is running on to have two ethernet ports: one WAN and one LAN. The VM host does not have a physical port for the LAN interface, so I have used vlan 3000 to attach a physical port from a smart switch as the LAN port. When configuring the LAN network interface in proxmox, I use the vlan tag 3000 and all seems to work...untagged traffic fed into the port on the switch appears in the vlan also untagged and is handled correctly by the guest VM.
However, the problem is that the guest VM is also excepting to receive traffic tagged with vlans of 100, 600, or 800 in addition to untagged packets. With the current setup, the tagged traffic never makes it to the guest VM unless I removed the 3000 tag from the interface.
I have found that if I put the network interface used for the guest's LAN port into native-untagged, everything works as expected. The command I have to give on the VM host is:
ovs-vsctl set port tap601i1 vlan_mode=native-untagged
Unfortunately, since the VM guest interfaces are added to the OVS bridge dynamically, the native-untagged is not persistent (over resets or even network interface changes, like simply changing the access vlan number).
Is there any way to force the VM's network into native-untagged whenever that interface is configured on the switch? Is there another way I should be doing this?
I have a VM guest that is essentially a router, and normally expects the hardware it is running on to have two ethernet ports: one WAN and one LAN. The VM host does not have a physical port for the LAN interface, so I have used vlan 3000 to attach a physical port from a smart switch as the LAN port. When configuring the LAN network interface in proxmox, I use the vlan tag 3000 and all seems to work...untagged traffic fed into the port on the switch appears in the vlan also untagged and is handled correctly by the guest VM.
However, the problem is that the guest VM is also excepting to receive traffic tagged with vlans of 100, 600, or 800 in addition to untagged packets. With the current setup, the tagged traffic never makes it to the guest VM unless I removed the 3000 tag from the interface.
I have found that if I put the network interface used for the guest's LAN port into native-untagged, everything works as expected. The command I have to give on the VM host is:
ovs-vsctl set port tap601i1 vlan_mode=native-untagged
Unfortunately, since the VM guest interfaces are added to the OVS bridge dynamically, the native-untagged is not persistent (over resets or even network interface changes, like simply changing the access vlan number).
Is there any way to force the VM's network into native-untagged whenever that interface is configured on the switch? Is there another way I should be doing this?
