Simple VLAN question

[Alternativende]

Hello guys,
im right now setting up my first VLAN with Proxmox and i have some troubles.

I have a server with two NIC´s which are bond together. These server acts now in two VLANs, VLAN1 and VLAN2. The configuration on the switch seems to work, i can ping my firewall from an untagged neighbour port for instance, but i wont reach the Debian VM on Proxmox.

On the Proxmox i have a Debian VM with two NICs, one should be in VLAN1 and one VLAN2.

Port 21 and 23 are untagged members of my VLAN2, Port 24 is a tagged member of VLAN1 and 2. When i try now to ping my Debian VM from Port 21 it fails, so it seems to me that the VM is not really in the VLAN2.



VLAN1=192.168.1.0
VLAN2=192.168.100.0

auto lo
iface lo inet loopback

iface eth0 inet manual

iface eth1 inet manual

auto bond0
iface bond0 inet manual
   bond-slaves eth0 eth1
   bond-miimon 100
   bond-mode 802.3ad
   bond-xmit-hash-policy layer3+4

auto vmbr0
iface vmbr0 inet static
   address  192.168.1.27
   netmask  255.255.255.0
   gateway  192.168.1.2
   bridge-ports bond0
   bridge-stp off
   bridge-fd 0
   bridge-vlan-aware yes
   bridge-vids 2-4094

auto vlan2
iface vlan2 inet manual
   vlan_raw_device bond0

auto vmbr1
iface vmbr1 inet static
   address  192.168.100.3
   netmask  255.255.255.0
   bridge-ports vlan2
   bridge-stp off
   bridge-fd 0
   network  192.168.100.0
   post-up ip route add table vlan2 default via 192.168.100.1 dev vmbr1
   post-up ip rule add from 192.168.100.0/24 table vlan2
   post-down ip route del table vlan2 default via 192.168.100.1 dev vmbr1
   post-down ip rule del from 192.168.100.0/24 table vlan2

# cat /etc/iproute2/rt_tables
#
# reserved values
#
255   local
254   main
253   default
0   unspec
#
# local
#
#1   inr.ruhep


#Tabble for VLAN2
2 vlan2

Here is a picture from the Debian VM.