802.1q (Multiple Vlan tagging) to the guest

kvm-virtualization vlan

I want to get my tags (802.1q) to the guest.
I do not want KVM or CentOS stripping the tag and presenting untagged traffic.
I will have 600-plus VLANs on the switch port, and I need the guests to handle the traffic. I cannot create 600 bridges in /network-interfaces, as the 600 VLANs will grow to 2045 VLANs.

Similar to the ESX 4095 method, where ESX passes all traffic to the guest.
I am running CentOS 7.
KVM is installed and running well.

If possible I may need to know the following.

Should I leave Network Manager installed on CentOS?
Is there a GUI that can perform this for my networking, as many users will be managing these systems and we need something simple? Can it be done through the network manager in GNOME…

Thanks
john inmontreal

Best Answer

I don't use 802.3q (QnQ) on the host server to transmit VLANs to guest virtual machines. Simply use a bridge interface on the real network interface or on a link aggregation group of them (bonding). The bridge interface mustn't have any IP configuration. All VLANs will be present on the bridge interface and available to the guest machines. Don't forget to change the switch port (ports) to VLAN tagged mode (trunk mode) and allow the needed VLANs on it (them).

You must create a VLAN interface on the host server to have access to it via the network. For example, br0.12, where 12 is your management VLAN. Configure the IP address and other network properties on this interface.

I usually disable the NetworkManager service on the host server, because it's comfortable for dynamic configuration of network interfaces, not for static config.

Example: eth0 - management interface, eth1 - for all VMs, br0 - will be assigned to VMs with all VLANs, br31 - will be assigned to Windows VMs, which can't use VLANs but need untagged access to VLAN 31. On the switch all VLANs must be tagged.

/etc/sysconfig/network-scripts/ifcfg-eth0 file:

TYPE=Ethernet
NAME=eth0
DEVICE=eth0
UUID=a2321e2c-3057-41ab-aa36-92d553d30c29
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.50
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
DNS1=192.168.0.1
DOMAIN="example.com"

/etc/sysconfig/network-scripts/ifcfg-eth1 file:

TYPE=Ethernet
NAME=eth1
DEVICE=eth1
UUID=a2321e2c-3057-41ab-aa36-92d553d30c30
ONBOOT=yes
BOOTPROTO=none
BRIDGE=br0

/etc/sysconfig/network-scripts/ifcfg-br0 file:

DEVICE=br0
ONBOOT=yes
TYPE=Bridge
STP=on
DELAY=0

/etc/sysconfig/network-scripts/ifcfg-br0.31 file:

VLAN=yes
DEVICE=br0.31
NAME=br0.31
ONBOOT=yes
BOOTPROTO=none
BRIDGE=br31

/etc/sysconfig/network-scripts/ifcfg-br31 file:

DEVICE=br31
ONBOOT=yes
TYPE=Bridge
STP=on
DELAY=0

To disable NetworkManager in CentOS 6 and earlier:

chkconfig NetworkManager off
chkconfig network on
service NetworkManager stop
service network restart

To disable NetworkManager in CentOS 7 and earlier:

systemctl disable NetworkManager
systemctl enable network
systemctl stop NetworkManager
systemctl restart network

Add the following lines to /etc/sysctl.conf and apply them with the command sysctl -p /etc/sysctl.conf

net.ipv4.ip_forward=1
net.bridge.bridge-nf-call-ip6tables = 0 
net.bridge.bridge-nf-call-iptables = 0 
net.bridge.bridge-nf-call-arptables = 0

Check that your firewall (iptables) allows forwarding.
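
An added example, not part of the answer above: a shell check that the trunk bridge it describes (br0) carries no IP configuration and has at least one enslaved port, run against constructed copies of the answer's ifcfg-eth1 and ifcfg-br0 files. The function names (ifcfg_get, check_trunk_bridge, make_sample) are hypothetical.

```shell
#!/bin/sh
# Audit ifcfg files for a VLAN-trunk bridge: the bridge must carry no IP
# configuration and must have at least one enslaved port.

# Print the value of KEY from an ifcfg file (last assignment wins, quotes stripped).
ifcfg_get() {  # usage: ifcfg_get FILE KEY
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d "\"'"
}

# Return 0 if DIR/ifcfg-BRIDGE is a bridge without L3 config and with a port, else 1.
check_trunk_bridge() {  # usage: check_trunk_bridge DIR BRIDGE
    dir=$1 br=$2 f="$1/ifcfg-$2" rc=0
    [ -f "$f" ] || { echo "FAIL: $f missing"; return 1; }
    [ "$(ifcfg_get "$f" TYPE)" = "Bridge" ] || { echo "FAIL: $br is not TYPE=Bridge"; rc=1; }
    for key in IPADDR PREFIX NETMASK GATEWAY; do
        v=$(ifcfg_get "$f" "$key")
        [ -z "$v" ] || { echo "FAIL: $br has $key=$v"; rc=1; }
    done
    case "$(ifcfg_get "$f" BOOTPROTO)" in
        dhcp|bootp) echo "FAIL: $br requests an address via BOOTPROTO"; rc=1 ;;
    esac
    ports=0
    for p in "$dir"/ifcfg-*; do
        [ -f "$p" ] || continue
        if [ "$(ifcfg_get "$p" BRIDGE)" = "$br" ]; then ports=$((ports + 1)); fi
    done
    [ "$ports" -gt 0 ] || { echo "FAIL: no interface has BRIDGE=$br"; rc=1; }
    if [ "$rc" -eq 0 ]; then echo "OK: $br has no IP config and $ports port(s)"; fi
    return "$rc"
}

# Constructed sample: the answer's eth1 and br0 files written to a temp dir.
make_sample() {
    d=$(mktemp -d)
    printf 'TYPE=Ethernet\nDEVICE=eth1\nONBOOT=yes\nBOOTPROTO=none\nBRIDGE=br0\n' > "$d/ifcfg-eth1"
    printf 'DEVICE=br0\nONBOOT=yes\nTYPE=Bridge\nSTP=on\nDELAY=0\n' > "$d/ifcfg-br0"
    echo "$d"
}

sample=$(make_sample)
check_trunk_bridge "$sample" br0
rm -rf "$sample"
```

On a real host, pass /etc/sysconfig/network-scripts as the directory argument.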