VLAN tags not passing to VMs, but is to Proxmox host

I

iamspartacus

Member
Sep 9, 2020
35
0
11
40
I'm using a pair of NICs bonded together from a Mikrotik CRS354 running RouterOS. On the Mikrotik side I have VLAN 110, 120, and 140 tagged on the bond. I have Proxmox management running on VLAN 110 and that is working fine. If I try to tag 120 or 140 to a VM, I can't communicate over those networks (not with a static or with dchp as it never gets an IP). What am I missing?

1676065308046.png

1676065325075.png


I've tried adding vlans off the bond (ie. bond0.120) as well as a bridge with that as the port and I'm coming up empty.
 
Last edited:
DC-CA1 said:
I mean can you use vlan110 inside your vm ?
See if you can ping something
Click to expand...

Oh sorry I misunderstood. No. If I assign 110 to a VM I also get nothing.

Does the Proxmox config look correct? If so I'll focus on my switch side even though there shouldn't be much to it that except tagging the VLANs on the bond ports.
 
Yes go in your mikrotik check under bridge setting if vlan aware is enable and define your vlan as tag under bridge section

Maybe they are as untag by mistake too
 
DC-CA1 said:
Yes go in your mikrotik check under bridge setting if vlan aware is enable and define your vlan as tag under bridge section

Maybe they are as untag by mistake too
Click to expand...

Is there some VLAN aware setting that I'm not aware of? Only VLAN setting for the bridge that I was aware of is enabling VLAN filtering. That is enabled on the bridge. I have also confirmed that the VLANs in question here including 110 are all tagged on the bond interface. I have VLANs tagged on other interfaces on the switch that go to my firewall for example and to other switches and that is all working.
 
DC-CA1 said:
I would say do your testing again without bonding

Down to your pve and if nothing work tag your laptop if it support it. If nothing then can't say
Click to expand...

Will do. Yeah, that would be a good test to make sure that tagging to individual hosts is working properly.
 
So I spun up a new Proxmox host with the same network config about and the same switch config and everything works. So something is going on with my current Proxmox host. When I do ip link show I see a TON of interfaces. I recognize 1 - 11 but after that, not a clue. What are all of these from?

NOTE**: Ignore the fact that the interfaces don't match the image above. As I indicated, I can't get the above setup to work on this host so this is currently I how I have the host functioning (with the bond set with VLAN 110 untagged).

root@sparta:~# ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eno1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP mode DEFAULT group default qlen 1000 link/ether 3c:ec:ef:7a:d8:1c brd ff:ff:ff:ff:ff:ff altname enp72s0f0 3: eno2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP mode DEFAULT group default qlen 1000 link/ether 3c:ec:ef:7a:d8:1c brd ff:ff:ff:ff:ff:ff permaddr 3c:ec:ef:7a:d8:1d altname enp72s0f1 4: usb0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/ether 0e:ac:e5:60:36:d9 brd ff:ff:ff:ff:ff:ff 5: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP mode DEFAULT group default qlen 1000 link/ether 3c:ec:ef:7a:d8:1c brd ff:ff:ff:ff:ff:ff 6: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether 3c:ec:ef:7a:d8:1c brd ff:ff:ff:ff:ff:ff 7: bond0.120@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr120 state UP mode DEFAULT group default qlen 1000 link/ether 3c:ec:ef:7a:d8:1c brd ff:ff:ff:ff:ff:ff 8: vmbr120: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether 3c:ec:ef:7a:d8:1c brd ff:ff:ff:ff:ff:ff 9: bond0.140@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr140 state UP mode DEFAULT group default qlen 1000 link/ether 3c:ec:ef:7a:d8:1c brd ff:ff:ff:ff:ff:ff 10: vmbr140: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether 3c:ec:ef:7a:d8:1c brd ff:ff:ff:ff:ff:ff 11: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default link/ether 02:42:90:9c:e0:df brd ff:ff:ff:ff:ff:ff 12: br-f5e1bcba1762: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default link/ether 02:42:93:df:32:5f brd ff:ff:ff:ff:ff:ff 14: veth30d263c@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 8e:d2:e6:97:a3:a2 brd ff:ff:ff:ff:ff:ff link-netnsid 0 16: veth901b7ec@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether d2:60:3e:5f:fb:91 brd ff:ff:ff:ff:ff:ff link-netnsid 2 18: veth4698f94@if17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 5e:0b:c2:28:1c:21 brd ff:ff:ff:ff:ff:ff link-netnsid 1 20: vethc97e23b@if19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether fa:e9:90:41:60:c7 brd ff:ff:ff:ff:ff:ff link-netnsid 3 30: veth10246c5@if29: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 82:2b:b1:50:77:fd brd ff:ff:ff:ff:ff:ff link-netnsid 8 38: veth846fdfa@if37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 06:63:33:d3:a0:98 brd ff:ff:ff:ff:ff:ff link-netnsid 14 40: veth4a2db26@if39: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 26:6a:fe:c5:a5:fc brd ff:ff:ff:ff:ff:ff link-netnsid 12 52: veth93ccd8c@if51: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 76:c5:75:03:0e:ea brd ff:ff:ff:ff:ff:ff link-netnsid 19 58: vethb311e8c@if57: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 22:d2:1b:ea:28:31 brd ff:ff:ff:ff:ff:ff link-netnsid 22 62: veth57498e6@if61: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 16:db:69:94:6d:a3 brd ff:ff:ff:ff:ff:ff link-netnsid 25 321: tap202i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr202i0 state UNKNOWN mode DEFAULT group default qlen 1000 link/ether fa:4c:ea:dc:c8:cb brd ff:ff:ff:ff:ff:ff 322: fwbr202i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether fa:00:4c:d3:6c:0c brd ff:ff:ff:ff:ff:ff 323: fwpr202p0@fwln202i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP mode DEFAULT group default qlen 1000 link/ether d2:5c:3e:0f:e8:83 brd ff:ff:ff:ff:ff:ff 324: fwln202i0@fwpr202p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr202i0 state UP mode DEFAULT group default qlen 1000 link/ether 12:ff:35:65:cd:61 brd ff:ff:ff:ff:ff:ff 68: veth759599e@if67: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether e2:c0:fe:2e:7d:50 brd ff:ff:ff:ff:ff:ff link-netnsid 26 71: vlan140-host@vmbr140: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether 5e:b5:46:38:a5:66 brd ff:ff:ff:ff:ff:ff 328: vethb675ca5@if327: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 76:81:2e:de:e5:92 brd ff:ff:ff:ff:ff:ff link-netnsid 5 330: veth599bf08@if329: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether ce:e7:02:a8:71:d9 brd ff:ff:ff:ff:ff:ff link-netnsid 9 332: vethc7e9391@if331: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether ea:b9:11:6c:4a:99 brd ff:ff:ff:ff:ff:ff link-netnsid 7 334: veth5054ecd@if333: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 56:2a:1e:81:e7:f3 brd ff:ff:ff:ff:ff:ff link-netnsid 10 336: vethe7cd642@if335: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 16:80:db:8f:b3:b2 brd ff:ff:ff:ff:ff:ff link-netnsid 11 338: vetha335ec8@if337: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether a6:83:a6:f8:f0:31 brd ff:ff:ff:ff:ff:ff link-netnsid 15 340: veth67fba26@if339: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 26:24:5b:68:bd:fb brd ff:ff:ff:ff:ff:ff link-netnsid 17 88: vethf3b5320@if87: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether e6:92:3c:66:04:91 brd ff:ff:ff:ff:ff:ff link-netnsid 21 346: veth635a694@if345: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 8a:74:e9:ea:36:80 brd ff:ff:ff:ff:ff:ff link-netnsid 24 348: veth63722b6@if347: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether e2:4e:44:12:43:24 brd ff:ff:ff:ff:ff:ff link-netnsid 27 350: vethc89314f@if349: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether f6:1d:39:8f:7b:5f brd ff:ff:ff:ff:ff:ff link-netnsid 29 352: veth3e943f4@if351: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether a2:5d:ef:43:37:b8 brd ff:ff:ff:ff:ff:ff link-netnsid 28 356: veth51762e5@if355: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether c6:84:ea:fc:d9:43 brd ff:ff:ff:ff:ff:ff link-netnsid 16 358: veth9dbb016@if357: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether e6:d4:b5:59:24:1c brd ff:ff:ff:ff:ff:ff link-netnsid 13 360: vethc76b61c@if359: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 6e:c2:d9:51:f8:b9 brd ff:ff:ff:ff:ff:ff link-netnsid 20 364: vetha01b8bc@if363: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 92:c8:32:ec:67:92 brd ff:ff:ff:ff:ff:ff link-netnsid 6 366: veth6eb0bc8@if365: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether 66:b3:84:ba:eb:82 brd ff:ff:ff:ff:ff:ff link-netnsid 18 368: veth38c4461@if367: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-f5e1bcba1762 state UP mode DEFAULT group default link/ether d6:ff:c7:1c:77:e7 brd ff:ff:ff:ff:ff:ff link-netnsid 30 181: tap200i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr200i0 state UNKNOWN mode DEFAULT group default qlen 1000 link/ether 7e:64:bd:7d:e5:5d brd ff:ff:ff:ff:ff:ff 182: fwbr200i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether aa:16:80:09:d4:4d brd ff:ff:ff:ff:ff:ff 183: fwpr200p0@fwln200i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP mode DEFAULT group default qlen 1000 link/ether fa:ac:a9:83:e2:ea brd ff:ff:ff:ff:ff:ff 184: fwln200i0@fwpr200p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr200i0 state UP mode DEFAULT group default qlen 1000 link/ether 16:d6:38:85:b9:53 brd ff:ff:ff:ff:ff:ff
 
Hi,

I guess your problem is on the mikrotik switch. I think that on switch you have a bridge who has bond interface in it(maybe with also other ports).

You must enable vlan filtering on this bridge(bridge poroprieties, see VLAN tab)
Then you need to create a vlan interface (interface - add vlan, see + sign on winbox)for each vlan that you want to pass from PMX to the switch.
- any of this interface will have the desired vlanid, and the bridge as parent interface)
- in bridge vlan menu, you will tagg the desired interface for each vlanid(tagg: bridge, bond and others interfaces if you want to pass the vlan to other ports from this bridge)

Then setup the necessary IP address for each vlan interface.

You can see if yours vlans from VMs are ok if you seen in menu ip arp and interface bridge hosts(you need to activate a filter for vlan to see it)

Test with tracert from menu tools to any vlans that you have in VMs. You could also use torch button on the bridge interface to sniff the traffic on Mikrotik.

All that I say is from my memory, I am AOK now.

I assume you wil use winbox...

Good luck / Bafta !
 
Last edited:
guletz said:
Hi,

I guess your problem is on the mikrotik switch. I think that on switch you have a bridge who has bond interface in it(maybe with also other ports).

You must enable vlan filtering on this bridge(bridge poroprieties, see VLAN tab)
Then you need to create a vlan interface (interface - add vlan, see + sign on winbox)for each vlan that you want to pass from PMX to the switch.
- any of this interface will have the desired vlanid, and the bridge as parent interface)
- in bridge vlan menu, you will tagg the desired interface for each vlanid(tagg: bridge, bond and others interfaces if you want to pass the vlan to other ports from this bridge)

Then setup the necessary IP address for each vlan interface.

You can see if yours vlans from VMs are ok if you seen in menu ip arp and interface bridge hosts(you need to activate a filter for vlan to see it)

Test with tracert from menu tools to any vlans that you have in VMs. You could also use torch button on the bridge interface to sniff the traffic on Mikrotik.

All that I say is from my memory, I am AOK now.

I assume you wil use winbox...

Good luck / Bafta !
Click to expand...

Thanks for the reply but if you saw my first reply today I proved it's not the Mikrotik switch. I spun up a fresh Proxmox host configured identically on the switch side as my current Proxmox host and all is working perfectly on that host.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back