[pve-devel] disabling iptables on bridge by default (like rhel6 and rhev) ?
Dietmar Maurer
dietmar at proxmox.com
Wed Mar 7 10:41:57 CET 2012
> To be honest,I didn't know that we can put vlan on a linux bridge.
>
> I always put vlan on ethX, then put a bridge on it
Yes, me too - I just found that recently. But I do not know if it works - not tested so far.
> So, I understand the thread:
>
> adding a new bridge,tagged with specific vlan, on the main non tagged
> bridge,then put the tap interface on it.
>
>
> vm with vlan2:
> --------------
>
> system ("/sbin/vconfig add vmbr0 2");
> system ("/usr/sbin/brctl addbr br2");
> system ("/usr/sbin/brctl addif br2 vmbr0.2"); system ("/sbin/ip link set br2 up");
> system ("/usr/sbin/brctl addif br2 tapxxxi0") ;
>
>
> /etc/network/interface
> ------------
> auto eth0
> iface eth0 inet manual
> auto eth1
> iface eth1 inet manual
>
> auto bond0
> iface bond0 inet manual
> slaves eth0 eth1
> bond_miimon 100
> bond_mode active-backup
> pre-up ifup eth0 eth1
> post-down ifdown eth0 eth1
>
> auto vmbr0
> iface vmbr0 inet manual
> bridge_ports bond0
> bridge_stp off
> bridge_fd 0
>
>
>
> if it's works, I could really be fine, because It's really a pain when I need to add
> new vlan on all my proxmox hosts.
>
> Do you want to add a new vlan option to netX interfaces definition ?
Yes, that is the idea.
> I'll test that to see if it's working fine.
> (Do you plan to add it for proxmox 2.0 release ???)
Yes, I would add that if it works.
- Dietmar
More information about the pve-devel
mailing list