Proxmox and Q-in-Q

B

BoringASK

Member
Aug 9, 2018
13
0
6
30
Paris, France
Hello everyone,

I need to host a VM Pfsense on a Proxmox server to make a firewall.

The prerequisite is that the VM distributes the network over a dozen VLANs within a Q-in-Q.

So the VM has to have access to the Q-inQ, I tried this setup:

- Trunk tag of several VLANs on the second interface of my Proxmox server

- Creation of a VMBR interface with as bridge port: eth1.324 (Taking into account that my VLAN Q-in-Q is 324)Capture d’écran 2018-10-15 à 22.45.26.png
- Adding an interface on the VM of the VMBR carrying the VLAN 324 by adding a TAG on the VM interface
Capture d’écran 2018-10-15 à 22.45.35.png

But it doesn't seem to be working. I have seen several threads but I can't find the right solution.

Do you have any idea? I have attached 2 screenshot

B.A
 
Hi, it should work, but they are 2 kind of stacked vlan.

802.1q (vm) on 802.1q (transport)
and
802.1q(vm) on 802.1ad (transport)


By default 802.1q vlan are created.


I'm currently working on ifupdown2 package for proxmox (apt-get install ifupdown2, replace current ifupdown script),
where you can defined vlan-protocol in /etc/network/interfaces

iface vmbrxxx
.....
vlan-protocol 802.1ad
 
Thank you for your answer, however when I want to install ifupdown2 I have a block because APT wants to remove proxmox :
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
python-argcomplete
Suggested packages:
python-gvgen python-mako
The following packages will be REMOVED:
ifenslave ifupdown proxmox-ve pve-manager
The following NEW packages will be installed:
ifupdown2 python-argcomplete
0 upgraded, 2 newly installed, 4 to remove and 62 not upgraded.
Need to get 0 B/183 kB of archives.
After this operation, 8581 kB disk space will be freed.
Do you want to continue? [Y/n]
 
I have a typing error on the repo it actually works. The configuration is in place but obviously I still can't get my Q-inQ to work with the following configuration:

Capture d’écran 2018-10-16 à 11.30.08.png
 
BoringASK said:
I have a typing error on the repo it actually works. The configuration is in place but obviously I still can't get my Q-inQ to work with the following configuration:

View attachment 8411
Click to expand...

sorry, my mistake.

vlan-protocol need to be defined on eth1.324 interface

iface eth1.324
....
vlan-protocol 802.1ad
 
You must log in or register to reply here.
Top Bottom