[SOLVED] VLAN tagging not working

Mar 19, 2018
27
1
6
48
Hi there,
I have a Proxmox 6.2-4 install and am having an issue with Vlan tagging for one of my VM's.

I have a fairly simple network, and have created a VLAN in pfsense which is attached to the main LAN interface of that router. It works fine, and clients that connect to the relevant untagged port on the switch happily receive an IP address via DHCP on this VLAN subnet.

I have a physical NIC on the Proxmox machine enp6s0 and I have vmbr0 which is the bridge that is bonded to that and is the default bridge. It is attached to the LAN interface on the router, and of course therefore all IP's on guest VMs I create are from the LAN DHCP range of 192.168.1.0/24. Which is what I want for the majority of VMS.

I've set vmbr0 to be 'Vlan Aware' and created a new VM with a NIC attached to vmbr0. I've then added the VLAN tag 110 to this NIC as well.

However, upon booting up the VM ( Centos8 VM - Selinux turned off for now ) I don't get any IP and can't attach to the network. If I remove the VLAN tag, then I get the normal LAN IP just like the other VMs normally do.

Is what I'm trying to do possible? i.e. have vmbr0 carry both the default 192.168.1.0/24 traffic untagged and then also the VLAN 110 traffic - tagged.

The switch network port ( HP Procurve 1810G-24 ) that Proxmox is attached to is configured as Untagged for the Default Network (VLAN 1) and Tagged on VLAN 110 ( i.e. a Trunk? ) So my expectation would be that it carries all traffic, but tags VLAN 110. The Network port that goes to the Pfsense LAN interface is also Untagged on VLAN 1 and Tagged on VLAN 110.

LAN/Default network is 192.168.1.0/24
VLAN is 192.168.110.0/24

my /etc/network/interfaces
Code:
auto lo
iface lo inet loopback

auto enp6s0
iface enp6s0 inet manual

auto vmbr0
iface vmbr0 inet static
    address 192.168.1.10/24
    gateway 192.168.1.1
    bridge-ports enp6s0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094

Have I missed a step? I'm at a loss on where to look or how to fix this. I've read the documentation, googled, but it seems that this setup should work - I can't figure out what is wrong.

Apologies if this is a silly mistake, I'm not a deep networking expert, but would welcome any advice or guidance.


Kind Regards

Seb
 
If I understand, your pfsense should be able to send ip for both subnets ? 192.168.1.0/24 (LAN) && 192.168.110.0/24 (VLAN) ?

if yes, do you have an ip address on your pfsense in both subnets ? (because dhcp need a source ip in each subnet )
 
Hi Spirit. Indeed, yes. Both Networks have DHCP setup and can issue IP's for their respective subnets. This actually works correctly for physical machines ( i.e. laptop ) when plugged into the corresponding VLAN network port on the Switch...so all that is working as expected.

I just can't seem to get it working on Proxmox via vmbr0 and into guest VMs.
 
Hmmm OK, I rebooted the Proxmox machine, and now it's working!

I have ifupdown2 installed, so wasn't rebooting (isn't that supposed to work? ), and when I set the bridge to "Vlan Aware = yes" in the GUI ( it was 'No' ), I hit "Apply Configuration". No errors or anything and the GUI then correctly updated and showed Vlan aware being 'Yes', the /etc/network/interfaces config was also updated. I assumed all was working as it should thanks to the magic of ifupdown2 - but it seems sometimes a good old reboot still needs to happen.

Is this a bug? Or expected behavior? Would be good to know in what circumstances a reboot is still required.

Either way, it's working, and I no longer feel as though I'm going completely mad.
 
  • Like
Reactions: dafo
Hmmm OK, I rebooted the Proxmox machine, and now it's working!

I have ifupdown2 installed, so wasn't rebooting (isn't that supposed to work? ), and when I set the bridge to "Vlan Aware = yes" in the GUI ( it was 'No' ), I hit "Apply Configuration". No errors or anything and the GUI then correctly updated and showed Vlan aware being 'Yes', the /etc/network/interfaces config was also updated. I assumed all was working as it should thanks to the magic of ifupdown2 - but it seems sometimes a good old reboot still needs to happen.

Is this a bug? Or expected behavior? Would be good to know in what circumstances a reboot is still required.

Either way, it's working, and I no longer feel as though I'm going completely mad.

If you have already vm running on vmbrX without vlanware, and you enable vlanaware, ifreload will not be able to replug the vms interfaces. (because ifupdown2 don't manage vm tap interfaces).
 
OK, that makes sense.

Although, I did try shutting down the VM, removing the VM NIC, re-adding and re-starting the VM without luck. Definitely learned something new today!
 
If you have already vm running on vmbrX without vlanware, and you enable vlanaware, ifreload will not be able to replug the vms interfaces. (because ifupdown2 don't manage vm tap interfaces).
Does that mean, if I activate "vlan aware" on vmbr0 then I need to delete/add all the guests nic's with the corresponding vlan tag?
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!