Two subnets with one NIC (and one with a vlan)

[IanCH]

Hi

Help please

I'm getting myself really confused with networking Proxmox

I have a proxmox server with a single NIC en01 connected to a LAN that has two subnets on it.

The first subnet is 192.168.100.0/24 with a default gateway going 192.168.100.1.
The second subnet is 10.100.0.0/16 with a VLAN ID 100 (Note the first subnet has no VLAN or tagging)

Does anyone have a example of /etc/network/interfaces that does this?

I tried created the vmbr0 bridge to the interface en01 with no IPs specified.
I then created a VLAN vlan0 with the interface vmbr0 and the IP Address 192.168.100.20/24 (IP of proxmox server) and gw of 192.168.100.1
I then created a VLAN vlan100 with the interface vmbr0 and the IP Address 10.100.0.20/16

This stopped working after a reboot, I assume something to do if vlan0. I assumed vlan id 0 was untagged, please correct me if I'm wrong.

What have I done wrong?

My /etc/network/interface looks like this

auto lo
iface lo inet loopback

iface en01 inet manual

auto vmbr0
iface vmbr0 inet static
        bridge-ports en01
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094


auto vlan0
iface vlan0 inet static
        address 192.168.100.20/24
        gateway 192.168.100.1
        vlan-raw-device vmbr0

auto vlan100
iface vlan100 inet static
        address 10.100.0.0/16
        vlan-raw-device vmbr0

 

[IanCH]

Update

After some research I've discovered that vlan0 is special and doesn't mean untagged. so my new /etc/network/interface looks like this.

auto lo
iface lo inet loopback

iface en01 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.100.20/24
        gateway 192.168.100.1
        bridge-ports en01
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

auto vlan100
iface vlan100 inet static
        address 10.100.0.20/16
        vlan-raw-device vmbr0

So everything on the 192.168.100.x network is now working fine. Connected to the console of the proxmox server I can ping devices on the 192.168.100.x network. Both physical devices on the LAN and VMs on the proxmox.

However not so for the 10.100.x.x network.

Proxmox console can ping itself on 10.100.0.20 and the VM on 10.100.0.201 but it can't ping anything on the LAN.

For example 10.100.0.204 is on the LAN and neither proxmox or the VM can ping 204. Likewise on 10.100.0.204 it can't be 10.100.0.20 or the VM 10.100.0.204, but it can ping other devices on the LAN.

I "think" the issue is with the bridge setup on proxmox and not routing 10.100.x.x traffic onto the LAN

That said when I check /proc/sys/net/ipv4/ip_forward that's set to 1.

In the /etc/sysctl.conf file the ip_forward is uncommented and set to net.ipv4.ip_forward=1

The proxmox iptables is empty and its plugging into a switch that supports VLANs. In fact the other physical devices (that work and ping) are plugged into the same switch.

I'm sure I've got the proxmox config wrong, but what?

FYI currently running Proxmox 7.4-17 all apt packages updated.

Any ideas????

 

[ce3rd]

hi, the switchport where eno1 is plugged into has vlan 100 tagged? and the other hosts on 10.100. lan are also in vlan100 on the switch?

 

[basil]

If the switch is configured correctly, it should look something like this

my pve generate this config

auto vlan100
iface vlan100 inet manual
vlan-raw-device vmbr0

auto vmbr100
iface vmbr100 inet manual
bridge-ports vlan100
bridge-stp off
bridge-fd 0




also try to delete from vmbr0, beacause bridge-vlan-aware is not trunk on or off
bridge-vlan-aware yes
bridge-vids 2-4094

 

[basil]

vlan0

untagged vlan is vlan1 - vlan 0 not possible to make

cat11(config)#vlan 0
Command rejected: Bad VLAN list - character #2 (EOL) delimits a VLAN
number which is out of the range 1..4094.


If you need vlan 100 only form vm's simple way is set vlan for vm