Service VLANs (802.1ad) on Proxmox

[mctaguma]

Hi all,

I'm trying to tag 802.1ad rather than the normal 802.1q on vmbr0, which contains bond0, which contains two SFP+ interfaces.
I also need to be able to access other service VLANs on vmbr0 from some VM's, and still be able to access these on upstream switches.

Currently when I use this configuration, I'm unable to ping other IP's on the same subnet.

Photo (with IP address removed) of output of ip -d addr (at console as server is unreachable via network because of this issue):



Current content of /etc/network/interfaces:

auto lo
iface lo inet loopback

iface enp65s0f0 inet manual

iface enp65s0f1 inet manual

auto bond0
iface bond0 inet manual
    bond-slaves enp65s0f0 enp65s0f1
    bond-miimon 100
    bond-mode active-backup

auto vmbr0
iface vmbr0 inet manual
    bridge-ports bond0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    proto 802.1ad

auto vmbr0.700
iface vmbr0.700 inet manual
    proto 802.1ad
  
auto vmbr0.710
iface vmbr0.710 inet static
    address 192.168.1.121
    netmask 24
    gateway 192.168.1.1
    proto 802.1ad

ip neigh shows the following:

192.168.1.123 dev vmbr0.710 INCOMPLETE
192.168.1.1 dev vmbr0.710 INCOMPLETE
192.168.1.21 dev vmbr0.710 FAILED
192.168.1.122 dev vmbr0.710 INCOMPLETE

Thanks in advance to anyone who may be able to assist.

 

[spirit]

I'm don't known "proto 802.1ad" syntax.

if you use "ifupdown2", you can use "vlan-protocol 802.1ad" option on vmbr0. (it's global for the switch)

auto vmbr0
iface vmbr0 inet manual
    bridge-ports bond0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    vlan-protocol 802.1ad

I'm not sure it's supported with ifupdown1, but you can do it with a pre-up script

auto vmbr0
iface vmbr0 inet manual
    bridge-ports bond0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
   pre-up echo 0x88a8 > /sys/class/net/vmbr0/bridge/vlan_protocol

 

[spirit]

BTW,
they are a currently beta test for new sdn feature, where you can manage q-in-q networks

https://forum.proxmox.com/threads/proxmox-6-2-sdn-beta-test.69655/

 

[mctaguma]

Thanks for your reply.

I am using ifupdown2.

Trying that now. Where would I find documentation for the vlan-protocol 802.1ad setting / parameter?

Didn't work after an ifreload -a, so rebooting to see if it will work.
What is the correct way to reload networking without reboot with Proxmox?

Reluctant to use beta software, but will try it if necessary, thanks for the suggestion.

 

[mctaguma]

Tried with vlan-protocol 802.1ad, didn't work, and I saw no reference to 802.1ad or 0x88a8 in the output of ifreload -av.

Tried with the ifupdown1 method, didn't work, and I see the below output from ifreload -av:

 

[spirit]

Thanks for your reply.

I am using ifupdown2.

Trying that now. Where would I find documentation for the vlan-protocol 802.1ad setting / parameter?

Didn't work after an ifreload -a, so rebooting to see if it will work.
What is the correct way to reload networking without reboot with Proxmox?

Reluctant to use beta software, but will try it if necessary, thanks for the suggestion.

you can verify if it's correctly applied with a simple

cat /sys/class/net/vmbr0/bridge/vlan_protocol


you can also have full ifreload log with "ifreload -a -d" , or for vmbr0 only :"ifup vmbr0 -d"

 

[spirit]

Sorry,

it's "bridge-vlan-protocol" for the bridge vlanaware

("vlan-protocol is for tagging interfaces directly)


in ifupdown2, options list is avaible in source code, for differents plugins

for example:

/usr/share/ifupdown2/addons/bridge.py

 

[mctaguma]

Thank-you!

It's now using 802.1ad for both the bridge and the port, but I still can't ping. Will continue to troubleshoot.

 

[mctaguma]

It works! Needed to put vlan-protocol 802.1ad on bond0 as well.
Thank-you so much!