[pve-devel] [PATCH] Virtual vlan tagging to bridge interface

Alexandre DERUMIER aderumier at odiso.com
Mon Jan 13 09:31:38 CET 2014 

Also,I see that support of 802.1ad has been added to kernel since 3.10 only. So how do is work before ?

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ad227ff89a7e6f05d07cd0acfd95ed3a24450ca


# ip link add link eth0 eth0.1000 \
	type vlan proto 802.1ad id 1000

----- Mail original ----- 

De: "Alexandre DERUMIER" <aderumier at odiso.com> 
À: "Stefan Priebe - Profihost AG" <s.priebe at profihost.ag> 
Cc: pve-devel at pve.proxmox.com 
Envoyé: Lundi 13 Janvier 2014 09:10:59 
Objet: Re: [pve-devel] [PATCH] Virtual vlan tagging to bridge interface 

>>this should explain it: 
>>http://en.wikipedia.org/wiki/IEEE_802.1ad 

Thanks, I understand now. 

So, for this setup: 

bond0.101---->vmbr0---->vmbr0.201<----tap interface 


when the packet from tap (tagged 201) is going out through bond0.101, 

what happen ? 

is the packet vlan retagged 101 ? 
or is the packet vlan 201 encapsuled in vlan101 ? 





----- Mail original ----- 

De: "Stefan Priebe - Profihost AG" <s.priebe at profihost.ag> 
À: "Alexandre DERUMIER" <aderumier at odiso.com>, "Andrew Thrift" <andrew at networklabs.co.nz> 
Cc: pve-devel at pve.proxmox.com 
Envoyé: Lundi 13 Janvier 2014 08:24:19 
Objet: Re: [pve-devel] [PATCH] Virtual vlan tagging to bridge interface 

Am 13.01.2014 07:54, schrieb Alexandre DERUMIER: 
>>> QinQ vlan tagging. 
> 
> can somebody explain me how qinq works exactly ? (I'm reading cisco doc, but I'm not sure to understand how tagging is working exactly) 

this should explain it: 
http://en.wikipedia.org/wiki/IEEE_802.1ad 


> ----- Mail original ----- 
> 
> De: "Andrew Thrift" <andrew at networklabs.co.nz> 
> À: pve-devel at pve.proxmox.com 
> Envoyé: Lundi 13 Janvier 2014 01:33:24 
> Objet: Re: [pve-devel] [PATCH] Virtual vlan tagging to bridge interface 
> 
> 
> FYI we are using vlan tagging on bridges with Proxmox in production for over a year now, initially on 2.6.32 kernel and then on 3.10. We are using Intel gigabit and 10gigabit adapters. 
> 
> 
> We posted the patches to the list a few months back, I believe these are very similar to Alexandre's patches. We have a more complex config in that we are also doing bonding and QinQ vlan tagging. 
> 
> 
> Our setup looks like this: 
> 
> 
> eth0,eth1,eth2,eth3---->bond0---->bond0.101---->vmbr0---->vmbr0.201<----tap interface 
> 
> 
> 
> That is using an outer tag of 101 and an inner tag of 201. 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> On Sat, Jan 11, 2014 at 7:59 AM, Alexandre DERUMIER < aderumier at odiso.com > wrote: 
> 
> 
> 
>>> If alexandre’s patch don’t work with any devices it isn’t really interesting because it addressing other functionality and devices. I checked the patch and it use the same problematic part with eth*, wifi* and >>bond* check which fails with virtual devices like gre, ipsec,.. 
> 
> What do you mean by "don't work with any devices" ? 
> 
> My patch is to manage vlan tags on the bridge, not eth interface. 
> 
> eth0---->vmbr0<------tap interface 
> 
> vlan are tagged on tap interfaces plugged on vmbr0, with new "bridge" cmd. (like an access port on a cisco switch) 
> and vlans are allowed to pass through eth0.(like a trunk port on cisco switch) 
> 
> So I think it should work with gre,ipsec,...(But I don't have tested it yet) 
> 
> 
> 
> 
> 
> 
> ----- Mail original ----- 
> 
> De: "Johannes Ernst" < info at filemedia.de > 
> À: pve-devel at pve.proxmox.com 
> Envoyé: Vendredi 10 Janvier 2014 18:16:30 
> 
> Objet: Re: [pve-devel] [PATCH] Virtual vlan tagging to bridge interface 
> 
> 
> 
> Thus, it’s a configuration issue and NOT a kernel issue. 
> 
> If alexandre’s patch don’t work with any devices it isn’t really interesting because it addressing other functionality and devices. I checked the patch and it use the same problematic part with eth*, wifi* and bond* check which fails with virtual devices like gre, ipsec,.. 
> 
> Am 10.01.2014 um 17:18 schrieb Dietmar Maurer < dietmar at proxmox.com >: 
> 
>>> Sure? Do you have additional information? I think it's not correct and it works! 
>> 
>> We tested that a few times (and failed), so nobody is keen to test that again. 
>> 
>> We currently try to use the new bridge VLAN features - that looks more promising (see patches from Alexandre). 
>> 
> 
> 
> 
> 
> _______________________________________________ 
> pve-devel mailing list 
> pve-devel at pve.proxmox.com 
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel 
> _______________________________________________ 
> pve-devel mailing list 
> pve-devel at pve.proxmox.com 
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel 
> 
> 
> 
> 
> _______________________________________________ 
> pve-devel mailing list 
> pve-devel at pve.proxmox.com 
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel 
> _______________________________________________ 
> pve-devel mailing list 
> pve-devel at pve.proxmox.com 
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel 
> 
_______________________________________________ 
pve-devel mailing list 
pve-devel at pve.proxmox.com 
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

More information about the pve-devel mailing list