PVE 9.2 SDN - two bridges required?

T

tjk

Well-Known Member
May 3, 2021
117
14
58
Hey All,

Moving our fleet to SDN and have been testing on a new cluster but I think I'm missing something.

Are two bridges required to operate properly? Our setup is we have a bond, on the bond we have a mgmt vlan for hypervisor and mgmt vm's, and then we have a number of vlans for vmguests, pretty standard setup.

With one bridge, when I have the zone setup to use vmbr0, the other vnets show up as bond0.801.700 for example.

When I use two bridges, and set zone to use vmbr1 everything appears to work.

Here is what the interfaces looks like with two bridges and working:

Code: 
auto vmbr0
iface vmbr0 inet static
        address 10.100.100.34/24
        gateway 10.100.100.1
        bridge-ports bond0.801
        bridge-stp off
        bridge-fd 0
#VL801 - Mgmt Network

auto vmbr1
iface vmbr1 inet manual
        bridge-ports bond0
        bridge-stp off
        bridge-fd 0

Also, I lose connectivity if I define vlan 801 as a vnet inside the zone, I assume since it is already defined on each host as the mgmt vlan?

Thanks for any guidance, just wondering what the best and most efficient way to do this is.

TJK
 
In your case it makes sense to create a single VLAN-aware bridge, with bond0 as bridge port:

Code: 
auto vmbr0
iface vmbr0 inet manual
    bridge-ports bond0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094

Then configure the IP for the host on that bridge instead:

Code: 
auto vmbr0.801
iface vmbr0.801 inet static
        address 10.100.100.34/24
        gateway 10.100.100.1

This should work with the SDN VLAN zone as well and requires only one bridge to be used.
 
Last edited:
Thank you this worked as long as I don't have vlan 801 defined as a vnet.

Is there a way around this, to use vlan 801 for the mgmt of the node but also define it as a vnet?

When I have it in the vnet and reboot the node, I lose access to the node.

Sorry to attach picture but its from drac:

1780660872830.png

TLDR Using 801 as node mgmt and defined as a vnet breaks node mgmt connectivity.
 
My bad, sorry - if you want to use VLAN 801 as VNet as well, you'd configure the IP on the interface of the VNet (in /etc/network/interfaces), like so:

Code: 
auto vnet801
iface vnet801 inet static
        address 10.100.100.34/24
        gateway 10.100.100.1
 
  • Like
Reactions: tjk
Thanks, except it won't work on a new install since no vnets are defined, its the chicken and egg issue.

Tom
 
You must log in or register to reply here.
Top Bottom
Back