From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sleemburg@it-functions.nl>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 5C65662CE6
 for <pve-devel@lists.proxmox.com>; Sun, 23 Aug 2020 17:49:44 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 50A7E17088
 for <pve-devel@lists.proxmox.com>; Sun, 23 Aug 2020 17:49:44 +0200 (CEST)
Received: from mx0.it-functions.nl (mx0.it-functions.nl [178.32.167.210])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest
 SHA256) (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id B86E917072
 for <pve-devel@lists.proxmox.com>; Sun, 23 Aug 2020 17:49:43 +0200 (CEST)
Received: from [217.100.26.194] (helo=daruma-old.hachimitsu.nl)
 by mx0.it-functions.nl with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.92) (envelope-from <sleemburg@it-functions.nl>)
 id 1k9sFa-0001M9-W9
 for pve-devel@lists.proxmox.com; Sun, 23 Aug 2020 17:49:43 +0200
Received: from [192.168.254.32] by daruma-old.hachimitsu.nl with esmtps
 (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.89)
 (envelope-from <sleemburg@it-functions.nl>)
 id 1k9sFX-0002Hx-RO; Sun, 23 Aug 2020 17:49:39 +0200
To: Dietmar Maurer <dietmar@proxmox.com>,
 Proxmox VE development discussion <pve-devel@lists.proxmox.com>
References: <d4c75d3b-88e6-36db-9c05-88254a305d4a@it-functions.nl>
 <1877466395.127.1598159022900@webmail.proxmox.com>
 <292235591.128.1598159408132@webmail.proxmox.com>
 <15c9ed01-6e88-b3c6-6efd-cb5c881904fb@it-functions.nl>
 <169647259.135.1598192643864@webmail.proxmox.com>
From: Stephan Leemburg <sleemburg@it-functions.nl>
Organization: IT Functions
Message-ID: <cf88bdfc-b3c2-e90a-9754-f5586d26d8d3@it-functions.nl>
Date: Sun, 23 Aug 2020 17:49:39 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <169647259.135.1598192643864@webmail.proxmox.com>
Content-Language: nl
X-Scan-Signature: f7ef7e28393a6294be8f83f145aa7071
X-GeoIP: NL
X-Virus-Scanned: by clamav-new
X-Scan-Signature: 63c55563914350f3996140fa4236176d
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.131 Adjusted score from AWL reputation of From: address
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 NICE_REPLY_A           -0.948 Looks like a legit reply (A)
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 T_SPF_PERMERROR          0.01 SPF: test of record failed (permerror)
X-Mailman-Approved-At: Mon, 24 Aug 2020 11:19:01 +0200
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.29
Subject: Re: [pve-devel] More than 10 interfaces in lxc containers
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Sun, 23 Aug 2020 15:49:44 -0000

Hi Dietmar,

To explain a little more. The OVH servers are just rented hardware 
somewhere in a datacenter of OVH.

I have no control over switching, etc. All networking is 'internal'. See 
the attached drawing.

Probably, it is what was on your mind. But I think it's good for me to 
explain as clearly as possible.

And - again - if I am not educated enough about how to use traditional 
vmbr setups as a vlan trunk, then any pointer to information is welcome.

Kind regards,

Stephan

On 23-08-2020 16:24, Dietmar Maurer wrote:
>> If it would be possible to provide a 'trunk' openvswitch interface to
>> the CT, then from within the CT vlan devices could be setup from the
>> trunk, but in the end that will still create 10+ interfaces in the
>> container itself.
> Cant you simply use a single network interface, then configure the vlans
> inside the firewall?
>
> IMHO, using one interface for each VLAN is the wrong approach. I am sure
> next time people will ask for 4095 interfaces ...
>