Re: Domain XML and VLAN tagging
Il 2022-06-16 16:03 Laine Stump ha scritto: On 6/16/22 3:24 AM, Peter Krempa wrote: AFAIK it was simply never implemented. There's also an upstream feature request for this: https://gitlab.com/libvirt/libvirt/-/issues/157 When VLAN tagging was first implemented, Linux host bridges didn't have this capability - the only way to get guest traffic transparently tagged in that case was by having the bridge attached to a host VLAN interface rather than directly to the physical ethernet (resulting in the traffic from all guests attached to the bridge being tagged/untagged). A few years later support for tagging on individual host bridge ports was aded to the Linux bridge driver, but there was never enough push for the feature to get it added to libvirt. "Patches are welcome" of course! Thank you both, Regards. -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.da...@assyoma.it - i...@assyoma.it GPG public key ID: FF5F32A8
Re: Domain XML and VLAN tagging
On 6/16/22 3:24 AM, Peter Krempa wrote: On Thu, Jun 16, 2022 at 09:20:21 +0200, Gionatan Danti wrote: Hi all, from here [1]: "Network connections that support guest-transparent VLAN tagging include 1) type='bridge' interfaces connected to an Open vSwitch bridge Since 0.10.0 , 2) SRIOV Virtual Functions (VF) used via type='hostdev' (direct device assignment) Since 0.10.0 , and 3) SRIOV VFs used via type='direct' with mode='passthrough' (macvtap "passthru" mode) Since 1.3.5 . All other connection types, including standard linux bridges and libvirt's own virtual networks, do not support it." I read it correctly that when used on a classical linux bridge these vlan tags does nothing? If so, it is due to something related to the underlying bridge device (ie: incomplete support for vlan filtering) or it is because libvirt lacks the necessary "plumbing" to use advanced bridge features? AFAIK it was simply never implemented. There's also an upstream feature request for this: https://gitlab.com/libvirt/libvirt/-/issues/157 When VLAN tagging was first implemented, Linux host bridges didn't have this capability - the only way to get guest traffic transparently tagged in that case was by having the bridge attached to a host VLAN interface rather than directly to the physical ethernet (resulting in the traffic from all guests attached to the bridge being tagged/untagged). A few years later support for tagging on individual host bridge ports was aded to the Linux bridge driver, but there was never enough push for the feature to get it added to libvirt. "Patches are welcome" of course!
Re: Domain XML and VLAN tagging
On Thu, Jun 16, 2022 at 09:20:21 +0200, Gionatan Danti wrote: > Hi all, > from here [1]: > > "Network connections that support guest-transparent VLAN tagging include 1) > type='bridge' interfaces connected to an Open vSwitch bridge Since 0.10.0 , > 2) SRIOV Virtual Functions (VF) used via type='hostdev' (direct device > assignment) Since 0.10.0 , and 3) SRIOV VFs used via type='direct' with > mode='passthrough' (macvtap "passthru" mode) Since 1.3.5 . All other > connection types, including standard linux bridges and libvirt's own virtual > networks, do not support it." > > I read it correctly that when used on a classical linux bridge these vlan > tags does nothing? If so, it is due to something related to the underlying > bridge device (ie: incomplete support for vlan filtering) or it is because > libvirt lacks the necessary "plumbing" to use advanced bridge features? AFAIK it was simply never implemented. There's also an upstream feature request for this: https://gitlab.com/libvirt/libvirt/-/issues/157 > > Thanks. > > [1] > https://libvirt.org/formatdomain.html#setting-vlan-tag-on-supported-network-types-only > > -- > Danti Gionatan > Supporto Tecnico > Assyoma S.r.l. - www.assyoma.it > email: g.da...@assyoma.it - i...@assyoma.it > GPG public key ID: FF5F32A8 >
Domain XML and VLAN tagging
Hi all, from here [1]: "Network connections that support guest-transparent VLAN tagging include 1) type='bridge' interfaces connected to an Open vSwitch bridge Since 0.10.0 , 2) SRIOV Virtual Functions (VF) used via type='hostdev' (direct device assignment) Since 0.10.0 , and 3) SRIOV VFs used via type='direct' with mode='passthrough' (macvtap "passthru" mode) Since 1.3.5 . All other connection types, including standard linux bridges and libvirt's own virtual networks, do not support it." I read it correctly that when used on a classical linux bridge these vlan tags does nothing? If so, it is due to something related to the underlying bridge device (ie: incomplete support for vlan filtering) or it is because libvirt lacks the necessary "plumbing" to use advanced bridge features? Thanks. [1] https://libvirt.org/formatdomain.html#setting-vlan-tag-on-supported-network-types-only -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.da...@assyoma.it - i...@assyoma.it GPG public key ID: FF5F32A8
