question for management port

[smurphy.it]

Good day. Currently using l3 switches in the environment (ubiquity flex switcehs). Trying to setup proxmox with a management port, and a bond. Looking for advice on the best method.
Currently I have 4 network strands going into the proxmox rack server, 2 per vlan. VLAN 50 (mgmt) and VLAN 30 (lab).

My initial thoughts were to have 1 ethernet interface from VLAN 50 to be the IP of the proxmox system. The 2nd interface could be utilized later as a WAN interface if I decide to setup pfsense. The 2 strands from VLAN30 would be setup as a bond (switches don't do lacp).

Now my question would be what is the best way to configure this:

1) configure vmbr0 (vlan 50 strand) for vlan aware, and then add a tagged vlan mgmt IP as say vmbr0.50 and set the proxmox IP
2) have proxmox IP on an ethernet interface, create bond (from 2 x vlan 30), then create a vmbr0 using bond0 as the backing device. This way by default all VMs will function on vlan30.
3) something else

 

[smurphy.it]

Suspect an issue here for sure. Laid out this configuration from /etc/network/interfaces:

auto lo
iface lo inet loopback

auto enp6s0f1
iface enp6s0f1 inet manual

auto ens1f1
iface ens1f1 inet manual

auto ens1f0
iface ens1f0 inet static
    address 192.168.50.3/29
    gateway 192.168.50.1

auto vmbr1
iface vmbr1 inet static
    address 192.168.30.2/24
    gateway 192.168.30.1
    bridge-ports bond0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094

With a tcpdump I noted this:

IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from xx:xx:xx:xx:xx:xx, length 300, xid 0x3ac56038, secs 3, Flags [none] (0x0000)
      Client-Ethernet-Address xx:xx:xx:xx:xx:xx
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message (53), length 1: Discover
        Requested-IP (50), length 4: 192.168.50.4
        Hostname (12), length 3: "web"
        Parameter-Request (55), length 13: 
          Subnet-Mask (1), BR (28), Time-Zone (2), Default-Gateway (3)
          Domain-Name (15), Domain-Name-Server (6), Unknown (119), Hostname (12)
          Netbios-Name-Server (44), Netbios-Scope (47), MTU (26), Classless-Static-Route (121)
          NTP (42)

IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)
    192.168.30.1.67 > 192.168.30.116.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, xid 0x3ac56038, Flags [none] (0x0000)
      Your-IP 192.168.30.116
      Client-Ethernet-Address xx:xx:xx:xx:xx:xx
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message (53), length 1: Offer
        Server-ID (54), length 4: 192.168.30.1
        Lease-Time (51), length 4: 86400
        Subnet-Mask (1), length 4: 255.255.255.0
        Default-Gateway (3), length 4: 192.168.30.1
        Domain-Name-Server (6), length 4: 192.168.30.1

note: all the cat cables plugged from server to the switch are on tagged vlans, no untagged vlans are connected to the switch.

Not quite sure why it's trying to get a dhcp lease from the .50 network. As the VM is only configured to have vmbr1 as it's network adapter.