[SOLVED] trunk with vlan interfaces - vm has no network

6uellerbpanda

6uellerbpanda

Renowned Member
Sep 15, 2015
100
6
83
Linz
6uellerbpanda.gitlab.io
I've 2 phy interfaces
- eth0 which is connected to a cisco cat configured as trunk
- eth1 wich is a access port on the same switch for corosync communication

# /etc/network/interfaces
Code: 
auto lo
iface lo inet loopback

# COROSYNC
auto eth1
iface eth1 inet static
    address 10.0.12.3
    netmask 255.255.255.240

auto eth0
iface eth0 inet manual

# SERVER                                                                                                                                                           
auto vmbr10                                                                                                                                                         
iface vmbr10 inet static                                                                                                                                        
    address  10.0.10.212                                                                                                                                       
    netmask  255.255.255.0                                                                                                                                   
    gateway  10.0.10.254                                                                                                                                       
    bridge_ports eth0.10                                                                                                                                       
    bridge_stp off                                                                                                                                                   
    bridge_fd 0                                                                                                                                                     
                                                                                                                                                                    
# STORAGE                                                                                                                                                         
auto vmbr11                                                                                                                                                         
iface vmbr11 inet static                                                                                                                                        
    address  10.0.11.5                                                                                                                                           
    netmask  255.255.255.128                                                                                                                               
    bridge_ports eth0.11                                                                                                                                        
    bridge_stp off                                                                                                                                                   
    bridge_fd 0

# MGMT
auto vmbr0
iface vmbr0 inet static
    address  10.0.100.35
    netmask  255.255.255.0
    gateway  10.0.100.254
    bridge_ports eth0.100
    bridge_stp off
    bridge_fd 0

# eth0
Code: 
interface GigabitEthernet1/0/3 
 description *** to PROXMOX *** 
 switchport trunk native vlan 999 
 switchport trunk allowed vlan 10,11,100 
 switchport mode trunk 
 switchport nonegotiate 
 spanning-tree portfast trunk 
 spanning-tree bpduguard enable

I've a vm where the net interface is configured like this
Code: 
net0: virtio=A2:B0:93:9C:4A:1E,bridge=vmbr10

every interface/bridge on the pve host itself is working and accessible but the vm is not able to communicate to anything.

I assume that packets leaving the pve host aren't tagged at all and will land in the blackhole vlan999.

I'm probably missing the bridge/vlan concept of debian here but I thought it would be similar to the vmware way with vswitch and portgroups.


Hopefully somebody can point me to the right direction here....
 
Your bridges need to be vlan aware, a simpler network config is to have one bridge vmbr0 (vlan aware) and add the vlan tag to every VM/container you are running. So you don't need to change the network config, when you add new VLANs to the network.
Code: 
bridge_vlan_aware yes
 
ok so I changed the relevant part and changed the native vlan on the trunk to 100 (mgmt) so I can still access the pve host

Code: 
auto eth0
iface eth0 inet manual

# SERVER
auto vmbr0
iface vmbr0 inet static
   address 10.0.100.35
   netmask  255.255.255.0
   gateway  10.0.100.254
   bridge_vlan_aware yes
   bridge_ports eth0
   bridge_stp off
   bridge_fd 0

# STORAGE
auto vmbr11
iface vmbr11 inet static
   address  10.0.11.5
   netmask  255.255.255.128
   bridge_ports eth0.11
   bridge_stp off
   bridge_fd 0

but VM is still not able to reach anything

is it even possible to mix the eth0 config like this - vmbr0 with eth0 as bridge port is vlan aware and vmbr11 is bridge port eth0.11 ?
 
I assume that your VM is now using vmbr0. Did you set the vlan on the interface of the VM?.
 
  • Like
Reactions: paradigmatic
is it even possible to mix the eth0 config like this - vmbr0 with eth0 as bridge port is vlan aware and vmbr11 is bridge port eth0.11 ?
Click to expand...

I removed the storage vlan from the config so now I have only this
Code: 
auto eth0
iface eth0 inet manual

# SERVER
auto vmbr0
iface vmbr0 inet static
   address 10.0.100.35
   netmask  255.255.255.0
   gateway  10.0.100.254
   bridge_vlan_aware yes
   bridge_ports eth0
   bridge_stp off
   bridge_fd 0

I assume that your VM is now using vmbr0. Did you set the vlan on the interface of the VM?.
Click to expand...
yes it is using vmbr0 and I added the vlan tag to the vm net interface

I forgot to mention my pve version: 4.4
 
ok so I tried a new server with pve 5.0 and with bridge_vlan_aware interface config + storage int

Code: 
iface enp9s0 inet manual

auto vmbr0
iface vmbr0 inet static
       address  10.0.100.33
       netmask  255.255.255.0
       gateway  10.0.100.254
       bridge_ports enp9s0
       bridge_stp off
       bridge_fd 0
       bridge_vlan_aware yes

auto vmbr11
iface vmbr11 inet static
       address  10.0.11.3
       netmask  255.255.255.128
       bridge_ports enp9s0.11
       bridge_stp off
       bridge_fd 0

and voila everything is working as expected !

I will try pve 5.0 on the other server also to check if it is a prob with the "old" pve version or something else
 
I am using pve 5.4-13 and not working
iface eno2 inet manual

auto vmbr2
iface vmbr2 inet manual
bridge-ports eno2
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094

auto vmbr998
iface vmbr998 inet manual
bridge-ports eno2.998
bridge-stp off
bridge-fd 0

auto vmbr999
iface vmbr999 inet manual
bridge-ports eno2.999
bridge-stp off
bridge-fd 0

On VM config i have set:

net0: virtio=36:6E:C9:D8:33:C3,bridge=vmbr998

I also have tried:

net0: virtio=36:6E:C9:D8:33:C3,bridge=vmbr2,tag=998

But without success...


I also have tried:

iface eno2 inet manual

auto vmbr2
iface vmbr2 inet manual
bridge-ports eno2
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094

auto vmbr998
iface vmbr998 inet manual
bridge-ports vmbr2.998
bridge-stp off
bridge-fd 0

auto vmbr999
iface vmbr999 inet manual
bridge-ports vmbr2.999
bridge-stp off
bridge-fd 0
 
You must log in or register to reply here.
Top Bottom