From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id EED3A1FF2CA for ; Tue, 23 Jul 2024 13:19:57 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 6548D18DC; Tue, 23 Jul 2024 13:20:26 +0200 (CEST) References: In-Reply-To: To: Proxmox VE user list Date: Tue, 23 Jul 2024 13:14:27 +0200 MIME-Version: 1.0 Message-ID: List-Id: Proxmox VE user list List-Post: From: Stefan Radman via pve-user Precedence: list Cc: Stefan Radman X-Mailman-Version: 2.1.29 X-BeenThere: pve-user@lists.proxmox.com List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Proxmox VE user list List-Help: Subject: Re: [PVE-User] [Extern] - Re: Mapping of VLAN tags to Linux bridges: Is that possible? Content-Type: multipart/mixed; boundary="===============8582250052227634000==" Errors-To: pve-user-bounces@lists.proxmox.com Sender: "pve-user" --===============8582250052227634000== Content-Type: message/rfc822 Content-Disposition: inline Return-Path: X-Original-To: pve-user@lists.proxmox.com Delivered-To: pve-user@lists.proxmox.com Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id D00FEC29D1 for ; Tue, 23 Jul 2024 13:20:24 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id ADC0817FA for ; Tue, 23 Jul 2024 13:20:24 +0200 (CEST) Received: from pv50p00im-zteg10011401.me.com (pv50p00im-zteg10011401.me.com [17.58.6.41]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Tue, 23 Jul 2024 13:20:23 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=me.com; s=1a1hai; t=1721733285; bh=vwuX2eifZTugrfkioAJ91dKvBdrRg6IdSmmVALN9t9c=; h=Content-Type:From:Mime-Version:Subject:Message-Id:To:Date; b=SmzxRaLWeqPnR0PFfjIJ8JuauIhiBZ/daz4mHxSJpaDx8nt/nPBHDi3SKdv0/l8Kz l8Cu5z7nGxPq99b4f72AWaiW55I5d+CPBLNhYU0hh6/eFYr4Oit2uSNbZUPDe2kWIP l0tcT+UxxztasFfmHpmPvQ1aDdMa7O1IeALW2mHhdTu9thT7werZqAb5EoEUZuFB+d KNOqHPUR2zZdtiqLkuYuX/Iz5GfoMTNiZucOdxTjbnsMOEk7LVuhm3YDI/HElBsnCL 7jO8ubuuIATW/0c0EUwR+RPMuEf3DUNt0I3sLnIoy3KJLrZ2Mb+597mPoPpADT9UtC P7S7ppYvr2GJQ== Received: from smtpclient.apple (pv50p00im-dlb-asmtp-mailmevip.me.com [17.56.9.10]) by pv50p00im-zteg10011401.me.com (Postfix) with ESMTPSA id F3AEFDC0273; Tue, 23 Jul 2024 11:14:41 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: Stefan Radman Mime-Version: 1.0 (1.0) Subject: Re: [PVE-User] [Extern] - Re: Mapping of VLAN tags to Linux bridges: Is that possible? Message-Id: <6A5F81D8-DC7D-401E-909E-43D781859AF9@me.com> References: In-Reply-To: To: Proxmox VE user list Date: Tue, 23 Jul 2024 13:14:27 +0200 X-Mailer: iPhone Mail (21F90) X-Proofpoint-GUID: mb4FmPnsPH8o_bDarM3X83L5PV3TyPr7 X-Proofpoint-ORIG-GUID: mb4FmPnsPH8o_bDarM3X83L5PV3TyPr7 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.28.16 definitions=2024-07-22_18,2024-07-23_01,2024-05-17_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0 mlxscore=0 malwarescore=0 spamscore=0 clxscore=1015 phishscore=0 bulkscore=0 suspectscore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2308100000 definitions=main-2407230081 X-Apple-Remote-Links: v=1;h=KCk=;charset=UTF-8 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.062 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain DMARC_PASS -0.1 DMARC pass policy FREEMAIL_FROM 0.001 Sender email is commonly abused enduser mail provider RCVD_IN_MSPIKE_H2 -0.001 Average reputation (+2) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [me.com,proxmox.com] > Where is the VLAN tag in your example? Is it encapsulated in the bond name= "bond0.90' being for VLAN 90? Yes, correct. The number behind the dot indicates the VLAN tag to be added before sending a= frame to the bond0 interface. I use the same approach and typically have bond0 (without tag) attached to v= mbr0. That keeps the cluster management traffic untagged (trunk native VLAN)= . Stefan Sent from my fingertips > On 22.07.2024, at 21:50, Frank Thommen wrot= e: >=20 > =EF=BB=BFHi Bastian, >=20 > maybe I am missing the point: Where is the VLAN tag in your example? Is it= encapsulated in the bond name "bond0.90' being for VLAN 90? >=20 > Frank >=20 >=20 >> On 22.07.24 21:18, Bastian Sebode via pve-user wrote: >> Hello Frank, >> you can achieve that with normal Linux networking already, without the ne= ed of SDN. >> Over the Network Tab of the Hosts GUI (interface names are examples): >> - Create the Bond/LAG/Port Channel/Trunk on the switch, put the needed VL= ANs tagged on it >> - Create a "Linux Bond" `bond0` with the host interfaces `ens18 ens19`, p= referably with LACP on Host and Switch. No IP address necessary >> - Create a "Linux VLAN" `bond0.90` with the "vlan raw device" `bond0`. No= IP address necessary >> - Create a "Linux Bridge" `vmbr90` with the slave interface `bond0.90`. N= o IP address necessary, only if you want to manage the server over it >> - Attach the VMs to the VLAN bridge >> - Repeat for every VLAN you need >> There is also the possibility to have the VLAN Tags on the Linux bridge, b= ut I would always prefer the mentioned above. >> Hope this helps and others can confirm that the are using such a setup. >> Peace >> Bastian >=20 > _______________________________________________ > pve-user mailing list > pve-user@lists.proxmox.com > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user >=20 --===============8582250052227634000== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ pve-user mailing list pve-user@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user --===============8582250052227634000==--