Proxmox and Q-in-Q

BoringASK

New Member
Aug 9, 2018
12
0
1
24
Paris, France
Hello everyone,

I need to host a VM Pfsense on a Proxmox server to make a firewall.

The prerequisite is that the VM distributes the network over a dozen VLANs within a Q-in-Q.

So the VM has to have access to the Q-inQ, I tried this setup:

- Trunk tag of several VLANs on the second interface of my Proxmox server

- Creation of a VMBR interface with as bridge port: eth1.324 (Taking into account that my VLAN Q-in-Q is 324)Capture d’écran 2018-10-15 à 22.45.26.png
- Adding an interface on the VM of the VMBR carrying the VLAN 324 by adding a TAG on the VM interface
Capture d’écran 2018-10-15 à 22.45.35.png

But it doesn't seem to be working. I have seen several threads but I can't find the right solution.

Do you have any idea? I have attached 2 screenshot

B.A
 

spirit

Famous Member
Apr 2, 2010
3,734
185
83
www.odiso.com
Hi, it should work, but they are 2 kind of stacked vlan.

802.1q (vm) on 802.1q (transport)
and
802.1q(vm) on 802.1ad (transport)


By default 802.1q vlan are created.


I'm currently working on ifupdown2 package for proxmox (apt-get install ifupdown2, replace current ifupdown script),
where you can defined vlan-protocol in /etc/network/interfaces

iface vmbrxxx
.....
vlan-protocol 802.1ad
 

BoringASK

New Member
Aug 9, 2018
12
0
1
24
Paris, France
Thank you for your answer, however when I want to install ifupdown2 I have a block because APT wants to remove proxmox :
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
python-argcomplete
Suggested packages:
python-gvgen python-mako
The following packages will be REMOVED:
ifenslave ifupdown proxmox-ve pve-manager
The following NEW packages will be installed:
ifupdown2 python-argcomplete
0 upgraded, 2 newly installed, 4 to remove and 62 not upgraded.
Need to get 0 B/183 kB of archives.
After this operation, 8581 kB disk space will be freed.
Do you want to continue? [Y/n]
 

BoringASK

New Member
Aug 9, 2018
12
0
1
24
Paris, France
I have a typing error on the repo it actually works. The configuration is in place but obviously I still can't get my Q-inQ to work with the following configuration:

Capture d’écran 2018-10-16 à 11.30.08.png
 

spirit

Famous Member
Apr 2, 2010
3,734
185
83
www.odiso.com
I have a typing error on the repo it actually works. The configuration is in place but obviously I still can't get my Q-inQ to work with the following configuration:

View attachment 8411
sorry, my mistake.

vlan-protocol need to be defined on eth1.324 interface

iface eth1.324
....
vlan-protocol 802.1ad
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!