[PVE-User] VLANs

Dimitri Alexandris d.alexandris at gmail.com
Tue Feb 28 21:24:10 CET 2017 

This was posted in the list, a couple of weeks before:

QUOTE

Hi all,

And interesting research study I came across seems to indicate that
OpenVSwitch based network is superior to Linux Bridge based network in
virtual setups: https://www.hindawi.com/journals/jece/2016/5249421/

-- 
Hilsen/Regards
Michael Rasmussen

UNQUOTE.

There isn't a lot new to learn.  As soon as you set your network (via
Proxmox GUI), OVS elements do the same thing, bridges are bridges, etc.  Me
myself i am not an expert on networking, and managed to work it ok.

VLAN additions, and usual network changes are easier.  IP-less VLANS work
as expected, like a real switch.  I 've read many new possibilities but did
not explored them.  My usual use include 3 - 5 vmbrs, 5 - 10 VLANs in OVS
IntPorts, a bond, and a few more eth/vmbr pairs.

The only drawback i have discovered, is when openvswitch is upgraded.  Now
i always perform system upgrades from an actual console (physical), and not
from ssh, because (sometimes) when the openvswitch daemon restarts your ssh
console freezes and the upgrade stucks.  That does apply only when the
openvswitch
package is to be upgraded.

I can send you privately my config files for help, or any other help you
may want.

You may experiment first to see what happens in a non "production" server.



On Tue, Feb 28, 2017 at 9:44 PM, Uwe Sauter <uwe.sauter.de at gmail.com> wrote:

> Hi Dimitri,
>
> Am 28.02.2017 um 19:51 schrieb Dimitri Alexandris:
> > Since you know how to make a bond (switch + proxmox settings), you should
> > learn and use Openvswitch:
> >
> > https://pve.proxmox.com/wiki/Open_vSwitch
> >
> > It's a faster and more elegant solution.  I use it exclusively now with
> > every Proxmox i run.
>
> Can you elaborate why OpenVSwitch is faster? Do you have benchmark numbers?
>
> I'm currently in the process of migrate older infrastructure to a PVE
> cluster which runs a more complex version of my
> previous example (bonds, VLANs and several separated uplinks). I
> personally have a little experience with OpenVSwitch
> but I don't know if it is worth the struggle to teach my colleagues. They
> only know about "the good ol' times" (tm).
>
> Regards,
>
>         Uwe
>
> > 1-  Install it via console:  apt install openvswitch-switch .
> >
> > 2-  From Proxmox GUI, delete all of your present configutation.  Keep a
> > backup first of your existing /etc/network/interfaces  just in case.
> >
> > 3-  Create an OVS Bond, with vmbr0 and both your ethernets as members.  I
> > use [LACP (balance-slb)].  If you don't see a vmbr available, create this
> > first (OVS Bridge) with another eth, and later you remove the eth from
> it.
> >
> > 4-  Don't assign an IP on vmbr0.
> >
> > 5-  Add as many OVS IntPorts you need, each with it's own VLAN and
> > optionally an IP and/or GW.  You should see bond0, lan, dmz, etc. as
> vmbr0
> > members.
> >
> > 6-  Configure your switch (both ports AND bond) to your VLANS, all
> tagged.
> >
> > 7-  Reboot.
> >
> > In your Network settings page, you should see only OVS elements (+ the
> two
> > eths of the bond as Network Devices).
> >
> > You can assign IPs directly to vmbrs when you don't need other VLANs on
> > them.
> >
> >
> >
> > On Tue, Feb 28, 2017 at 6:36 PM, Uwe Sauter <uwe.sauter.de at gmail.com>
> wrote:
> >
> >> I have a setup where I don't use Proxmox own VLAN management but have
> one
> >> bridge per VLAN that I use:
> >>
> >> /etc/network/interfaces
> >> ###
> >> auto lo
> >> iface lo inet loopback
> >>
> >> auto eth0
> >> iface eth0 inet static
> >>         address 192.168.253.200
> >>         netmask 255.255.255.0
> >>         gateway 192.168.253.254
> >>
> >> auto eth0.101
> >> iface eth0.101 inet manual
> >>
> >> auto eth0.102
> >> iface eth0.102 inet manual
> >>
> >> auto vmbr101
> >> iface vmbr101 inet manual
> >>         bridge_ports eth0.101
> >>         bridge_stp off
> >>         bridge_fd 0
> >>
> >> auto vmbr102
> >> iface vmbr102 inet manual
> >>         bridge_ports eth0.102
> >>         bridge_stp off
> >>         bridge_fd 0
> >>
> >> ###
> >>
> >> eth0 is used for access to the Proxmox host.
> >> VLAN 101 and 102 are used for VMs.
> >> Ths switch port is configured for VLAN 100 untagged (native) and VLAN
> 101
> >> and 102 tagged.
> >>
> >> This gives you two VLANs that can be assigned separately to you VMs.
> >>
> >> If you need more details, keep asking.
> >>
> >>
> >> Regards,
> >>
> >>         Uwe
> >>
> >> Am 28.02.2017 um 16:32 schrieb Daniel:
> >>> Hi there,
> >>>
> >>> i wanted to create a VLAN based on my Bonding interface.
> >>> I was looking in  the wiki (https://pve.proxmox.com/wiki/
> Category:HOWTO)
> >> but I didn’t find any ideas. Just old Versions seems to be documented.
> >>>
> >>> Could you tell me who I can setup an VLAN without an IP Assigned to
> that
> >> interface and how can I add this later on a Container/VM.
> >>> Just change vmbr0 interface to the VLAN interface?
> >>>
> >>> --
> >>> Grüsse
> >>>
> >>> Daniel
> >>> _______________________________________________
> >>> pve-user mailing list
> >>> pve-user at pve.proxmox.com
> >>> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
> >>>
> >>
> >> _______________________________________________
> >> pve-user mailing list
> >> pve-user at pve.proxmox.com
> >> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
> >>
> > _______________________________________________
> > pve-user mailing list
> > pve-user at pve.proxmox.com
> > http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
> >
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>

More information about the pve-user mailing list