Proxmox VE and VLAN tag stacking

Discussion in 'Proxmox VE: Networking and Firewall' started by skraw, Aug 13, 2019.

  1. skraw

    skraw New Member

    Joined:
    Aug 13, 2019
    Messages:
    1
    Likes Received:
    0
    Hello all,

    can anyone confirm that VLAN tag stacking works with Proxmox VE and bridging configured as "vlan-aware"?
    We are trying to make the following work:
    Many VLANs arrive at the host encapsulated in an outer VLAN 1008.
    Host bridge is vlan-aware. Guest gets an interface with tag=1008. So the outer VLAN tag should be stripped away. Guest handles all inner VLANs with separate vlan-interfaces. Outgoing traffic (of all guest vlan interfaces) is again encapsulated in VLAN1008 and switched to its destination (outside host).
    Does this work as expected?
    --
    Regards,
    Stephan

    PS: Let me explain this more detailed. It looks to us like the way in to the guest does in fact work. The (outer) tag is stripped and the vlans seem to be visible to the guest. But on the way out from the guest the outer tag does not seem to be added again. But this is exactly the feature we need. A tag has to be added back on outgoing packets no matter if they are already tagged or not. This is kind of a question around the tap-device. We found no valid information on the net about tag stacking with tap devices ...
     
    #1 skraw, Aug 13, 2019
    Last edited: Aug 14, 2019
  2. spirit

    spirit Well-Known Member

    Joined:
    Apr 2, 2010
    Messages:
    3,370
    Likes Received:
    140
    with vlan-aware brige, it's a little bit complex, because you need 2 bridge for each vlan.

    I think it's working with ifupdown2

    Code:
    auto vmbr0
    iface vmbr0 inet manual
           bridge-ports eth0
           bridge-stp off
           bridge-fd 0
           bridge-vlan-aware yes
    
    auto vmbr1
    iface vmbr1 inet manual
           bridge-ports vmbr0.408
           bridge-stp off
           bridge-fd 0
           bridge-vlan-aware yes
    

    But it can work with non vlan aware bridge too

    Code:
    auto vmbr0
    iface vmbr0 inet manual
           bridge-ports eth0.1008
           bridge-stp off
           bridge-fd 0
    
    then, when you add vlan "X" to a vm, proxmox will create a vmbr0vX with eth0.1008.X
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    Stoiko Ivanov likes this.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice