Vlan aware bridge unable to receive vlan traffic

[BelCloud]

I've been trying to pass a trunk port directly to a VM, however the incoming traffic does not seem to reach the bridge.

My config looks like this:

auto vmbr11
iface vmbr11 inet manual
        bridge_vlan_aware yes
        bridge_ports eno2
        bridge_stp off
        bridge_fd 0

Vlan id: 1001

The traffic on the interfaces sees the vlan both ways and it's able to forward the outgoing vlan traffic correctly.

# tcpdump -i eno2 -n -e vlan 1001

13:40:20.121891 c2:7e:38:10:66:ae > 33:33:ff:00:00:79, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, xxxx:xxxx:1::7b > ff02::1:ff00:79: ICMP6, neighbor solicitation, who has xxxx:xxxx:1::79, length 32
13:40:20.130971 c4:71:fe:32:45:80 > c2:7e:38:10:66:ae, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, xxxx:xxxx:1::79 > xxxx:xxxx:1::7b: ICMP6, neighbor advertisement, tgt is xxxx:xxxx:1::79, length 32
13:40:20.263341 c4:71:fe:32:45:80 > c2:7e:38:10:66:ae, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, fe80::c671:feff:fe32:4580 > xxxx:xxxx:1::7b: ICMP6, neighbor solicitation, who has xxxx:xxxx:1::7b, length 32
13:40:21.122508 c2:7e:38:10:66:ae > 33:33:ff:00:00:79, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, xxxx:xxxx:1::7b > ff02::1:ff00:79: ICMP6, neighbor solicitation, who has xxxx:xxxx:1::79, length 32
13:40:21.126075 c4:71:fe:32:45:80 > c2:7e:38:10:66:ae, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, xxxx:xxxx:1::79 > xxxx:xxxx:1::7b: ICMP6, neighbor advertisement, tgt is xxxx:xxxx:1::79, length 32
13:40:22.121940 c2:7e:38:10:66:ae > 33:33:ff:00:00:79, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, xxxx:xxxx:1::7b > ff02::1:ff00:79: ICMP6, neighbor solicitation, who has xxxx:xxxx:1::79, length 32
13:40:22.126042 c4:71:fe:32:45:80 > c2:7e:38:10:66:ae, ethertype 802.1Q (0x8100), length 90: vlan 1001, p 0, ethertype IPv6, xxxx:xxxx:1::79 > xxxx:xxxx:1::7b: ICMP6, neighbor advertisement, tgt is xxxx:xxxx:1::79, length 32

However, at the same time, the incoming traffic is not forwarded to the bridge (or the vm):

#tcpdump -n -i vmbr11
13:40:20.121882 IP6 xxxx:xxxx:1::7b > ff02::1:ff00:79: ICMP6, neighbor solicitation, who has xxxx:xxxx:1::79, length 32
13:40:20.241872 IP6 xxxx:xxxx:1::83 > ff02::1:ff00:81: ICMP6, neighbor solicitation, who has xxxx:xxxx:1::81, length 32
13:40:20.885691 STP 802.1w, Rapid STP, Flags [Learn, Forward], bridge-id 8000.c2:7e:38:10:66:ae.8001, length 36
13:40:21.122498 IP6 xxxx:xxxx:1::7b > ff02::1:ff00:79: ICMP6, neighbor solicitation, who has xxxx:xxxx:1::79, length 32

Does anyone have any idea what i'm doing wrong?

 

[spirit]

This is strange, it should work.

can you send output of

#brctl show
and
#bridge -c vlan show

?

 

[BelCloud]

Extracted from #bridge -c vlan show

eno2     1 PVID Egress Untagged
eno2.1001        1 PVID Egress Untagged
vmbr11   1 PVID Egress Untagged
tap8856i0        1 PVID Egress Untagged

From #brctl show

vmbr11          8000.bc305bf5d00c       no              eno2
                                                        tap8856i0
vmbr11v1001             8000.bc305bf5d00c       no              eno2.1001

Thank you

 

[spirit]

do you have reboot after enable vlan aware on the bridge ?

because you have an old proxmox vlan bridge, without vlan aware.

vmbr11v1001 8000.bc305bf5d00c no eno2.1001

remove eno2.1001 and vmbr11v1001, and try again.