|
|
|
Linux bridge and VLAN | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
|
Hi,
I am trying to setup VLAN tagging between QEMU-KVM virtual machines and
betwen the virtual machines and the host. But I am getting nowhere...
It seems the VLAN tag are between stripped either by the bridge or by
the taps.
Scenario 1: VLAN tagging between host and VM
Setup:
Host and guests:
Fedora 12, kernel 2.6.32.21-168.fc12, all the latest packages
Host:
No iptables configured.
Bridge:
virbr0 Link encap:Ethernet HWaddr 02:46:5F:60:9D:19
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
VLAN 666 (bridge):
virbr0.666 Link encap:Ethernet HWaddr 02:46:5F:60:9D:19
inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0
inet6 addr: fe80::46:5fff:fe60:9d19/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
VM Guest tap:
vnet0 Link encap:Ethernet HWaddr 02:46:5F:60:9D:19
inet6 addr: fe80::46:5fff:fe60:9d19/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Bridge configuration:
bridge name bridge id STP enabled interfaces
virbr0 8000.02465f609d19 yes vnet0
vnet1
Routing configuration:
192.168.3.0/24 dev virbr0.666 proto kernel scope link src 192.168.3.1
192.168.2.0/24 dev virbr0 proto kernel scope link src 192.168.2.1
Guest:
Primary
eth0 Link encap:Ethernet HWaddr 52:54:00:FF:F0:02
inet addr:192.168.2.3 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:feff:f002/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
VLAN 666
eth0.666 Link encap:Ethernet HWaddr 52:54:00:FF:F0:02
inet addr:192.168.3.3 Bcast:192.168.3.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:feff:f002/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Problem:
No communication between host and VM on VLAN 666.
host# ping 192.168.3.3
PING 192.168.3.3 (192.168.3.3) 56(84) bytes of data.
From 192.168.3.1 icmp_seq=2 Destination Host Unreachable
Tracing ARP packets:
HOST: virbr0.666
15:03:01.361905 02:46:5f:60:9d:19 (oui Unknown) > Broadcast, ethertype
ARP (0x0806), length 42: Request who-has 192.168.3.3 tell 192.168.3.1,
length 28
0x0000: ffff ffff ffff 0246 5f60 9d19 0806 0001
0x0010: 0800 0604 0001 0246 5f60 9d19 c0a8 0301
0x0020: 0000 0000 0000 c0a8 0303
This packet reaches the VM (not seen on host virbr0 and vnet0, not on
guest eth0).
VM: eth0.666
15:03:01.362311 02:46:5f:60:9d:19 (oui Unknown) > Broadcast, ethertype
ARP (0x0806), length 56: Request who-has 192.168.3.3 tell 192.168.3.1,
length 42
0x0000: ffff ffff ffff 0246 5f60 9d19 0806 0001
0x0010: 0800 0604 0001 0246 5f60 9d19 c0a8 0301
0x0020: 0000 0000 0000 c0a8 0303 0000 0000 0000
0x0030: 0000 0000 0000 0000
Odd that the packet has 14 null bytes appended to it (can anybody
explain that?). And the VM answers correctly...
VM: eth0.666
15:03:01.362400 52:54:00:ff:f0:02 (oui Unknown) > 02:46:5f:60:9d:19 (oui
Unknown), ethertype ARP (0x0806), length 42: Reply 192.168.3.3 is-at
52:54:00:ff:f0:02 (oui Unknown), length 28
0x0000: 0246 5f60 9d19 5254 00ff f002 0806 0001
0x0010: 0800 0604 0002 5254 00ff f002 c0a8 0303
0x0020: 0246 5f60 9d19 c0a8 0301
The answer is seen as tagged by the primary interface on the VM...
VM: eth0
15:03:01.362405 52:54:00:ff:f0:02 (oui Unknown) > 02:46:5f:60:9d:19 (oui
Unknown), ethertype 802.1Q (0x8100), length 46: vlan 666, p 0, ethertype
ARP, Reply 192.168.3.3 is-at 52:54:00:ff:f0:02 (oui Unknown), length 28
0x0000: 0246 5f60 9d19 5254 00ff f002 8100 029a
0x0010: 0806 0001 0800 0604 0002 5254 00ff f002
0x0020: c0a8 0303 0246 5f60 9d19 c0a8 0301
The answer is seen by host's virbr0 and vnet0, but it is no longer VLAN
tagged...
HOST: virbr0
15:03:01.362555 52:54:00:ff:f0:02 (oui Unknown) > 02:46:5f:60:9d:19 (oui
Unknown), ethertype ARP (0x0806), length 42: Reply 192.168.3.3 is-at
52:54:00:ff:f0:02 (oui Unknown), length 28
0x0000: 0246 5f60 9d19 5254 00ff f002 0806 0001
0x0010: 0800 0604 0002 5254 00ff f002 c0a8 0303
0x0020: 0246 5f60 9d19 c0a8 0301
HOST: vnet0
15:03:01.362555 52:54:00:ff:f0:02 (oui Unknown) > 02:46:5f:60:9d:19 (oui
Unknown), ethertype ARP (0x0806), length 42: Reply 192.168.3.3 is-at
52:54:00:ff:f0:02 (oui Unknown), length 28
0x0000: 0246 5f60 9d19 5254 00ff f002 0806 0001
0x0010: 0800 0604 0002 5254 00ff f002 c0a8 0303
0x0020: 0246 5f60 9d19 c0a8 0301
And the answer never reaches virbr0.666 (probably because it is no
longer tagged). So the ARP fails and the ping fails.
What is going here?
I am doing something wrong? Are VLAN not supported in this
configuration? Is something broken?
Scenario 2: VM to VM with VLAN tag
Setup:
Host:
Bridge:
virbr0 Link encap:Ethernet HWaddr 02:46:5F:60:9D:19
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3209 errors:0 dropped:0 overruns:0 frame:0
TX packets:3563 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:366233 (357.6 KiB) TX bytes:604364 (590.1 KiB)
VM 1 tap:
vnet0 Link encap:Ethernet HWaddr 02:46:5F:60:9D:19
inet6 addr: fe80::46:5fff:fe60:9d19/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1495 errors:0 dropped:0 overruns:0 frame:0
TX packets:8930 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:188898 (184.4 KiB) TX bytes:638277 (623.3 KiB)
VM 2 tap:
vnet1 Link encap:Ethernet HWaddr 9A:5A:1C:01:E5:04
inet6 addr: fe80::985a:1cff:fe01:e504/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1723 errors:0 dropped:0 overruns:0 frame:0
TX packets:9125 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:222975 (217.7 KiB) TX bytes:720467 (703.5 KiB)
VM 1:
Primary
eth0 Link encap:Ethernet HWaddr 52:54:00:FF:F0:02
inet addr:192.168.2.3 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:feff:f002/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
VLAN 666
eth0.666 Link encap:Ethernet HWaddr 52:54:00:FF:F0:02
inet addr:192.168.3.3 Bcast:192.168.3.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:feff:f002/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
VM 2:
Primary
eth0 Link encap:Ethernet HWaddr 52:54:00:FF:F0:04
inet addr:192.168.2.4 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:feff:f004/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
VLAN 666
eth0.666 Link encap:Ethernet HWaddr 52:54:00:FF:F0:04
inet addr:192.168.3.4 Bcast:192.168.3.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:feff:f004/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Problem:
No communication between host and VM on VLAN 666.
vm1# ping 192.168.3.4
PING 192.168.3.4 (192.168.3.4) 56(84) bytes of data.
From 192.168.3.3 icmp_seq=1 Destination Host Unreachable
Tracing packets:
VM1: eth0.666
15:28:14.001309 52:54:00:ff:f0:02 (oui Unknown) > Broadcast, ethertype
ARP (0x0806), length 42: Request who-has 192.168.3.4 tell 192.168.3.3,
length 28
0x0000: ffff ffff ffff 5254 00ff f002 0806 0001
0x0010: 0800 0604 0001 5254 00ff f002 c0a8 0303
0x0020: 0000 0000 0000 c0a8 0304
VM1: eth0
15:28:14.001318 52:54:00:ff:f0:02 (oui Unknown) > Broadcast, ethertype
802.1Q (0x8100), length 46: vlan 666, p 0, ethertype ARP, Request
who-has 192.168.3.4 tell 192.168.3.3, length 28
0x0000: ffff ffff ffff 5254 00ff f002 8100 029a
0x0010: 0806 0001 0800 0604 0001 5254 00ff f002
0x0020: c0a8 0303 0000 0000 0000 c0a8 0304
Ok, it's tagged...
HOST: virbr0
5:28:14.001434 52:54:00:ff:f0:02 (oui Unknown) > Broadcast, ethertype
ARP (0x0806), length 42: Request who-has 192.168.3.4 tell 192.168.3.3,
length 28
0x0000: ffff ffff ffff 5254 00ff f002 0806 0001
0x0010: 0800 0604 0001 5254 00ff f002 c0a8 0303
0x0020: 0000 0000 0000 c0a8 0304
Again, no longer tagged...
HOST: vnet0
15:28:14.001434 52:54:00:ff:f0:02 (oui Unknown) > Broadcast, ethertype
ARP (0x0806), length 42: Request who-has 192.168.3.4 tell 192.168.3.3,
length 28
0x0000: ffff ffff ffff 5254 00ff f002 0806 0001
0x0010: 0800 0604 0001 5254 00ff f002 c0a8 0303
0x0020: 0000 0000 0000 c0a8 0304
Not tagged...
HOST: vnet1
15:28:14.001464 52:54:00:ff:f0:02 (oui Unknown) > Broadcast, ethertype
ARP (0x0806), length 42: Request who-has 192.168.3.4 tell 192.168.3.3,
length 28
0x0000: ffff ffff ffff 5254 00ff f002 0806 0001
0x0010: 0800 0604 0001 5254 00ff f002 c0a8 0303
0x0020: 0000 0000 0000 c0a8 0304
Not tagged...
VM2: eth0
15:28:15.002120 52:54:00:ff:f0:02 (oui Unknown) > Broadcast, ethertype
ARP (0x0806), length 60: Request who-has 192.168.3.4 tell 192.168.3.3,
length 46
0x0000: ffff ffff ffff 5254 00ff f002 0806 0001
0x0010: 0800 0604 0001 5254 00ff f002 c0a8 0303
0x0020: 0000 0000 0000 c0a8 0304 0000 0000 0000
0x0030: 0000 0000 0000 0000 0000 0000
Not tagged...
And why does it have 18 null bytes appended to it now ???
VM2: eth0.666
No packet seen.
This seems to be the same problem as the first setup. VLAN tags are
being stripped somewhere between QEMU, tap and bridge.
All help very much appreciated.
ISE
--
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Netdev] [Ethernet Bridging] [Linux 802.1Q VLAN] [Linux Wireless] [Kernel Newbies] [Security] [Linux for Hams] [Netfilter] [Git] [Bugtraq] [Photo] [Yosemite] [Yosemite News and Information] [MIPS Linux] [ARM Linux] [Linux RAID] [Linux PCI] [Linux Admin] [Samba] [Video 4 Linux] [Linux Resources]