Will the switch see the frame leaving the virtual machine with a properly assigned tag? and inter vlan-routing

marcinr_92

New Member
Jan 2, 2021
12
0
1
30
Hello All,

I'm new in proxmox and i want pass all traffic from virtual Vm through external switch, not an internal switch. I have switch with .1q support (tp-link TLSG108E), so i want use that, there is some easy way to do that ?:). I have created a few vm and i want separate them from other machin and next i want create something like inter-vlan routing. Last question, my switch will by see that the frame which leave virtual machine has a tag assigned to proper vlan ?

Vm system: Debian
Proxmox version: 6.3.2
Server: Dell t620
 

spirit

Famous Member
Apr 2, 2010
5,873
704
133
www.odiso.com
simply assign a vlan tag in the vm nic gui form, they the tag will be see with your physical switch, no problem.

if you use non-vlanware vmbrX, the tag is done when is packet is going out your physical interfaces. (so vmbrX don't see the vlan tag)
if you use vlanaware vmbrX, the tag is done on the virtual port of vmbrX.

(both are the same for your physical switch)
 

H4R0

Well-Known Member
Apr 5, 2020
616
138
48
Like spirit said, for the bridge enable "vlan aware" and for the vm hardware nic specify a vlan id.

Then tag your pve host with the vlan in your switch.


You will still need a gateway and do nat if you want your vm's to have internet access.
 

marcinr_92

New Member
Jan 2, 2021
12
0
1
30
Great! i will google deeper :), @H4R0 like you said i still need access to internet, but not for all vlan, just for part of them, so here the question arises. The proxmox has an internal features for NAT?
Today i did a few vm,
vlan 20
1. 192.168.10.20
2. 192.168.10.21
vlan 30
1. 192.168.10.30
2. 192.168.10.31

The machine cannot ping each other between vlan (what is the expected result), so how mix them? Frame for .1q working on L2, so if i want communicate them i need to provide routing, what is the easiest way to do that? some OpenWrt as an virtual machine?
 
Last edited:

spirit

Famous Member
Apr 2, 2010
5,873
704
133
www.odiso.com
Great! i will google deeper :), @H4R0 like you said i still need access to internet, but not for all vlan, just for part of them, so here the question arises. The proxmox has an internal features for NAT?
Today i did a few vm,
vlan 20
1. 192.168.10.20
2. 192.168.10.21
vlan 30
1. 192.168.10.30
2. 192.168.10.31

The machine cannot ping each other between vlan (what is the expected result), so how mix them? Frame for .1q working on L2, so if i want communicate them i need to provide routing, what is the easiest way to do that? some OpenWrt as an virtual machine?
you don't have same subnets on differents vlans, if you want vlan inter routing.

maybe use somethinh like 192.168.20.X for vlan20 && 192.168.30.X for vlan30. , then on a physical or virtual machine (pfsense,OpenWrt,...), add an interface with 2 vlans tags, and on each vlan add an ip like (192.168.20.254 && 192.168.30.254), enable routing, and use them as gateway for your vms.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!