[pve-devel] kernel 3.10 : bridge vlan test

[Alexandre DERUMIER]

Ok, here first tests results, bad new I can't get it work :(

setup:

1 vm id 100 with tap100i0 on vmbr1
1 vm id 101 with tap101i0 on vmbr1 

vmbr1 is an isolated bridge, without physical ethx plugged

I have compiled iproute2 to have the new bridge util

# ./bridge vlan add dev tap100i0 vid 94 pvid 
# ./bridge vlan add dev tap101i0 vid 95 pvid 

./bridge vlan show 
port vlan ids 
tap100i0	 94 PVID
tap101i0	 95 PVID


That seem ok, but both vms can ping together ....
So, it's like filtering doesn't work

I have also try same commandes without pvid option, it doesn't work too.

Maybe somebody have an idea ?



The only doc about bridge command I found is this :
"
To configure the VLANs on the bridge and its ports a new command is
added to the 'bridge' utility.

   # bridge vlan add dev eth0 vid 10 pvid untagged brdev
   # bridge vlan add
   # bridge vlan delete dev eth0 vid 10
   # bridge vlan show

This command supports the following flags:
   master - peform the operation on the software bridge device.  This is
	    the default behavior.
   self  -  perform the operation on the hardware associated with the port.
            This flag is required when the device is the bridge device and
	    the configuration is desired on the bridge device itself (not
	    one of the ports).
   pvid  -  Set the PVID (port vlan id) for a given port.  Any untagged
            frames arriving on the port will be assigned to this vlan.
   untagged - Sets the egress policy of for a given vlan.  Default port
            egress policy is tagged.  Set this flag if you wish traffic
            associated with this VLAN to exit the port untagged.
"