[pve-devel] [PATCH] Virtual vlan tagging to bridge interface

Alexandre DERUMIER aderumier at odiso.com
Mon Jan 13 06:05:53 CET 2014 

>>I believe these are very similar to Alexandre's patches

No, my patches used new vlan_filtering feature from 3.10 kernel.
This allow to tag packets for 1 specific interface plugged in the bridge

something like :

bond0----->vmbr0<---tap0

#bridge add dev tap0 vid101 pvid untagged

-untagged packets coming from tap0 to the bridge will be tagged vlan101
-tagged packet101 coming from bridge to tap0 will be untagged





----- Mail original ----- 

De: "Andrew Thrift" <andrew at networklabs.co.nz> 
À: pve-devel at pve.proxmox.com 
Envoyé: Lundi 13 Janvier 2014 01:33:24 
Objet: Re: [pve-devel] [PATCH] Virtual vlan tagging to bridge interface 


FYI we are using vlan tagging on bridges with Proxmox in production for over a year now, initially on 2.6.32 kernel and then on 3.10. We are using Intel gigabit and 10gigabit adapters. 


We posted the patches to the list a few months back, I believe these are very similar to Alexandre's patches. We have a more complex config in that we are also doing bonding and QinQ vlan tagging. 


Our setup looks like this: 


eth0,eth1,eth2,eth3---->bond0---->bond0.101---->vmbr0---->vmbr0.201<----tap interface 



That is using an outer tag of 101 and an inner tag of 201. 









On Sat, Jan 11, 2014 at 7:59 AM, Alexandre DERUMIER < aderumier at odiso.com > wrote: 



>>If alexandre’s patch don’t work with any devices it isn’t really interesting because it addressing other functionality and devices. I checked the patch and it use the same problematic part with eth*, wifi* and >>bond* check which fails with virtual devices like gre, ipsec,.. 

What do you mean by "don't work with any devices" ? 

My patch is to manage vlan tags on the bridge, not eth interface. 

eth0---->vmbr0<------tap interface 

vlan are tagged on tap interfaces plugged on vmbr0, with new "bridge" cmd. (like an access port on a cisco switch) 
and vlans are allowed to pass through eth0.(like a trunk port on cisco switch) 

So I think it should work with gre,ipsec,...(But I don't have tested it yet) 






----- Mail original ----- 

De: "Johannes Ernst" < info at filemedia.de > 
À: pve-devel at pve.proxmox.com 
Envoyé: Vendredi 10 Janvier 2014 18:16:30 

Objet: Re: [pve-devel] [PATCH] Virtual vlan tagging to bridge interface 



Thus, it’s a configuration issue and NOT a kernel issue. 

If alexandre’s patch don’t work with any devices it isn’t really interesting because it addressing other functionality and devices. I checked the patch and it use the same problematic part with eth*, wifi* and bond* check which fails with virtual devices like gre, ipsec,.. 

Am 10.01.2014 um 17:18 schrieb Dietmar Maurer < dietmar at proxmox.com >: 

>> Sure? Do you have additional information? I think it's not correct and it works! 
> 
> We tested that a few times (and failed), so nobody is keen to test that again. 
> 
> We currently try to use the new bridge VLAN features - that looks more promising (see patches from Alexandre). 
> 




_______________________________________________ 
pve-devel mailing list 
pve-devel at pve.proxmox.com 
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel 
_______________________________________________ 
pve-devel mailing list 
pve-devel at pve.proxmox.com 
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel 




_______________________________________________ 
pve-devel mailing list 
pve-devel at pve.proxmox.com 
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

More information about the pve-devel mailing list