Hello!
I'm trying to get VLAN tagging working on a 8-node Proxmox cluster with little luck. I would really appreciate any advice. I'm using a Fortigate 1048E and have isolated 2 nodes for testing for now. On the relevant ports I have VLANs 503,504, and 505 set as "Allowed" and discard-mode set to none.
I've created Linux bridges on the physical ports and Linux VLANs as well. For testing I now have IPs on the Linux VLANs:
Both vmbr0's have VLAN Aware checked.
I cannot ping between these two IPs. When I do a tcpdump I can see tagged frames on the vmbr0 interface, but nothing on the physical interface (ens20d1 in this case). The switch shows no traffic at all coming from those ports.
I've also tried tagging on VMs and LXCs with the same result. If I have the VMs and LXCs on the same node everything works, but as soon as I put them on different nodes it stops.
Should I see the 802.1q tagged frames on the physical interface?
With discard-mode set to none on these ports, that should be right? docs
What is the proper way to setup VLANs? I thought the VLAN Aware button just made everything easy.
Should I be using OVS instead?
Node1:
Node 2:
I'm trying to get VLAN tagging working on a 8-node Proxmox cluster with little luck. I would really appreciate any advice. I'm using a Fortigate 1048E and have isolated 2 nodes for testing for now. On the relevant ports I have VLANs 503,504, and 505 set as "Allowed" and discard-mode set to none.
I've created Linux bridges on the physical ports and Linux VLANs as well. For testing I now have IPs on the Linux VLANs:
Both vmbr0's have VLAN Aware checked.
I cannot ping between these two IPs. When I do a tcpdump I can see tagged frames on the vmbr0 interface, but nothing on the physical interface (ens20d1 in this case). The switch shows no traffic at all coming from those ports.
I've also tried tagging on VMs and LXCs with the same result. If I have the VMs and LXCs on the same node everything works, but as soon as I put them on different nodes it stops.
Should I see the 802.1q tagged frames on the physical interface?
With discard-mode set to none on these ports, that should be right? docs
What is the proper way to setup VLANs? I thought the VLAN Aware button just made everything easy.
Should I be using OVS instead?
Node1:
Code:
auto lo
iface lo inet loopback
iface ens20d1 inet manual
iface ens20 inet manual
auto vmbr0
iface vmbr0 inet static
address 10.x.y.25/24
gateway 10.x.y.1
bridge-ports ens20d1
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#internal
auto vmbr1
iface vmbr1 inet manual
bridge-ports ens20
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#external
auto vmbr0.503
iface vmbr0.503 inet static
address 192.168.1.78/24Node 2:
Code:
auto lo
iface lo inet loopback
iface ens20d1 inet manual
iface ens20 inet manual
auto vmbr0
iface vmbr0 inet static
address 10.x.y.26/24
gateway 10.x.y.1
bridge-ports ens20d1
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#internal
auto vmbr1
iface vmbr1 inet manual
bridge-ports ens20
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#external
auto vmbr0.503
iface vmbr0.503 inet static
address 192.168.1.79/24
Last edited: