[PVE-User] VxLAN and tagged frames
aderumier at odiso.com
Fri Jan 24 11:06:58 CET 2020
>Arf. ifupdown2 seems to be needed for vxlan interfaces to be setup.
yes, ifupdown2 is needed.
>>But it somehow breaks my ARP proxy setup on the WAN interface.
>>Not sure why, everything seems to be correctly setup, but the host doesn't answer to ARP requests anymore. And everything is back to normal as soon as I revert to classic ifupdown.
>>I'll try to look at this a bit later, when I more some spare time.
I'm not sure, but maybe you can try to add
About vlan brige->vxlan, I have done some tests again with last kernel, it seem than 1 vlanaware bridge + 1 vxlan tunnel (tunnel_mode) is still broken,
So the only possible way to 1 vlanawarebridge + multiple vxlan tunnel.
This can be done easily with ifupdown2 like this:
%for v in range(1010,1021):
iface vmbr2 inet manual
bridge_ports glob vxlan1010-1020
This will map vlan1010-1020 to vxlan1010-1020.
the vxlan interfaces are create with a template in a loop
I have tested it, it's working fine.
----- Mail original -----
De: "Daniel Berteaud" <daniel at firewall-services.com>
À: "proxmoxve" <pve-user at pve.proxmox.com>
Envoyé: Vendredi 24 Janvier 2020 10:15:34
Objet: Re: [PVE-User] VxLAN and tagged frames
----- Le 24 Jan 20, à 8:20, Daniel Berteaud daniel at firewall-services.com a écrit :
> ----- Le 23 Jan 20, à 20:53, Alexandre DERUMIER aderumier at odiso.com a écrit :
>> I think if you want to do something like a simple vxlan tunnel, with multiple
>> vlan, something like this should work (need to be tested):
>> auto vxlan2
>> iface vxlan2 inet manual
>> vxlan-id 2
>> vxlan_remoteip 192.168.0.2
>> vxlan_remoteip 192.168.0.3
>> auto vmbr2
>> iface vmbr2 inet manual
>> bridge_ports vxlan2
>> bridge_stp off
>> bridge_fd 0
>> bridge-vlan-aware yes
>> bridge-vids 2-4096
> I'll try something like that.
Arf. ifupdown2 seems to be needed for vxlan interfaces to be setup. But it somehow breaks my ARP proxy setup on the WAN interface.
Not sure why, everything seems to be correctly setup, but the host doesn't answer to ARP requests anymore. And everything is back to normal as soon as I revert to classic ifupdown.
I'll try to look at this a bit later, when I more some spare time.
[ https://www.firewall-services.com/ ]
FIREWALL-SERVICES SAS, La sécurité des réseaux
Société de Services en Logiciels Libres
Tél : +33.5 56 64 15 32
[ https://www.firewall-services.com/ | https://www.firewall-services.com ]
pve-user mailing list
pve-user at pve.proxmox.com
More information about the pve-user