PVE 8.1 VLAN and Bridges!

Fazio8

New Member
Jan 9, 2023
20
1
3
Hello,
I'm trying to setup multiple VLAN on Proxmox, to use a LXC/VM as main DHCP/DNS for all my VLANs (Main, IOT, Guest).
Currently, the VLANs are configured on opnSense VM (1 LAN interface, connecting all the equipments via managed switch). The LAN interfaces is currently exposed via vmbr0 bridge (vmbr0 Proxmox, vtnet1 opnsense):

1715096359121.png

I also have an Omada Controller LXC (just using vmbr0) which is configured to deploy guest SSID with tag 99.
As of now, I'm able to use the guest VLAN99 with no custom configuration on Proxmox or OpnSense VM.

1715096620868.png
enp5s0 is the physical interface connected to the switch, vmbr0 is using enp5s0 as bridge port.

Currently, opnsense is able to provide DHCP/DNS and internet access on VLAN99 (guest).
I would like to configure Proxmox, in order to add these VLANs in other VM/LXC via NIC.
I tried:
  1. mark vmbr0 as VLAN Aware, add vmbr0 to VM/LXC and set VLAN tag to 99 >>> VM unable to reach opnsense (192.168.99.1, firewall is clear).
  2. configure a Linux VLAN with VLAN Raw IF vmbr0 and tag 99 >>> VM unable to reach opnsense (192.168.99.1, firewall is clear)
With the solutions above, Proxmox host (192.168.99.11) is unable to reach opnSense on VLAN 99 (192.168.99.1), but I'm able to ping any other VM I had to the newly VLAN99 bridge.

I also noticed that if I implement one of the solutions above, my wireless clients connected to guest SSID (vlan 99) are unable to communicate. As soon as I restored the configuration of vmbr0 to VLAN NOT Aware, clients are able to reach opnsense on guest VLAN interface at 192.168.99.1.

Am I performing double tagging? How should configure Proxmox to perform VLAN tagging and allow communications between VMs and devices on different VLANs?
Also, I'll plan to switch the LAN bridging, by using PCI passthrough of the Intel NIC via SR-IOV. How would the configuration change?

Thanks for any hint!
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!