Why we can't have more than 4094 vlan tag ID on OVS with GRE overly?

T

tincboy

Renowned Member
Apr 13, 2010
466
5
83
I setup OVS switch on 10 nodes which are interconnected via GRE tunnels, but I can see Proxmox is not letting us create more than 4094 vlans because tag ID larger than 4094 is not validated in Proxmox interface or API.
Is there any restriction based on GRE overlay that prevent us having more vlans?
 
tincboy said:
Using an other field, can't we assign both VLAN field IDs from Proxmox configs? If so then we can have more than 16 million separated private networks. right?
Click to expand...
This is not how it works. Using two VLAN tags will not increase the addressable range (24bit instead of 12bit) but will put the packet with it's VLAN tag into another VLAN tag. It's a bit like having a box with the VLAN number written on it put in another box with the second VLAN number on it.
Usually switches only care about the most outer VLAN tag.

What is your use case?
 
aaron said:
This is not how it works. Using two VLAN tags will not increase the addressable range (24bit instead of 12bit) but will put the packet with it's VLAN tag into another VLAN tag. It's a bit like having a box with the VLAN number written on it put in another box with the second VLAN number on it.
Usually switches only care about the most outer VLAN tag.

What is your use case?
Click to expand...
My case is to offer private network to our many clients, each client may have more than 1 private network and therefor 4095 vlan tag is not enough to fully isolate each client's private network.
 
tincboy said:
My case is to offer private network to our many clients, each client may have more than 1 private network and therefor 4095 vlan tag is not enough to fully isolate each client's private network.
Click to expand...

Using QinQ tagging would encapsulate all customer VLANs/private networks into 1 tagged VLAN on your provider network. You would need to define a customer edge and provider edge of the network where this happens so that you don't have any shared VLANs between customers. This would give each customer 4094 VLANs and you as a provider 4094 VLANs to assign to customers. Theoretically you max out at 4094 customers.

You may want to look into seeing if VXLANs would fit your use case as you'd have 16 million VXLAN IDs to utilize.
 
adlai7 said:
Using QinQ tagging would encapsulate all customer VLANs/private networks into 1 tagged VLAN on your provider network. You would need to define a customer edge and provider edge of the network where this happens so that you don't have any shared VLANs between customers. This would give each customer 4094 VLANs and you as a provider 4094 VLANs to assign to customers. Theoretically you max out at 4094 customers.

You may want to look into seeing if VXLANs would fit your use case as you'd have 16 million VXLAN IDs to utilize.
Click to expand...
In vxlan, is VNI equevalent of vlanID ? by setting VNI to each interface of a VM, are we isolating the traffic of that customer of others?
 
tincboy said:
In vxlan, is VNI equevalent of vlanID ? by setting VNI to each interface of a VM, are we isolating the traffic of that customer of others?
Click to expand...

Yes, each VNI (VXLAN Network ID) is a L2 domain and would isolate traffic in the same way VLANs do.
 
adlai7 said:
Yes, each VNI (VXLAN Network ID) is a L2 domain and would isolate traffic in the same way VLANs do.
Click to expand...
Thanks for the info, would you please let me know how can I configure VNI id of an interface in Proxmox using OpenVSwitch Bridge?
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom