Thanks Greg for your json config files. I notice that you still have a vlan_id
tag set for the nics. I gather the key to having this work is the following
options?
"allow_dhcp_spoofing": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_restricted_traffic": true,
"allow_unfiltered_promisc": true
________________________________
From: Greg Treantos <gtrea...@gmail.com>
Sent: Tuesday, 20 February 2018 12:44 a.m.
To: smartos-discuss@lists.smartos.org
Subject: Re: [smartos-discuss] Assign trunk port to KVM host in Smartos
Eugene,
I am running two routers on my Smartos box for my home network. I
have Verizon Fios and to get remote DVR functions I have to use a mid-router to
fake the Verizon router in thinking it is connected to the Verizon ONT. I port
forward all Verzion packets from the main Opnsense router to Vyos, then off to
the Verizon router. This setup is well documented. anyway I use the setup you
describe. I have one interface or Trunk as you call it then vlan the routers
through that interface. Here are the JSONs for Vyos and Opnsense. One note do
not spoof the WAN interface, only the lan interfaces. The key is your nic_tag,
that points to your trunk interface. All nics get set up in /usbkey/config.
Hope this helps
/usb/config
#firewall nic definition
firewall_nic=a0:36:9f:3:51:6d
Vyos JSONs
vmadm get 89168e3f-dec5-676e-879d-c90b69a7d988 |json
{
"zonename": "89168e3f-dec5-676e-879d-c90b69a7d988",
"autoboot": true,
"brand": "kvm",
"limit_priv":
"default,-file_link_any,-net_access,-proc_fork,-proc_info,-proc_session",
"v": 1,
"create_timestamp": "2017-01-10T00:25:40.170Z",
"cpu_shares": 100,
"max_lwps": 2000,
"max_msg_ids": 4096,
"max_sem_ids": 4096,
"max_shm_ids": 4096,
"max_shm_memory": 1536,
"zfs_io_priority": 100,
"max_physical_memory": 1536,
"max_locked_memory": 1536,
"max_swap": 1536,
"billing_id": "00000000-0000-0000-0000-000000000000",
"owner_uuid": "00000000-0000-0000-0000-000000000000",
"alias": "vyos vz bridge router",
"ram": 512,
"vcpus": 1,
"vnc_port": 23456,
"disks": [
{
"path": "/dev/zvol/rdsk/zones/89168e3f-dec5-676e-879d-c90b69a7d988-disk0",
"boot": true,
"model": "virtio",
"media": "disk",
"zfs_filesystem": "zones/89168e3f-dec5-676e-879d-c90b69a7d988-disk0",
"zpool": "zones",
"size": 1024,
"compression": "off",
"refreservation": 1024,
"block_size": 8192
}
],
"nics": [
{
"interface": "net0",
"mac": "52:54:00:b6:c8:21",
"vlan_id": 100,
"nic_tag": "firewall",
"ip": "dhcp",
"ips": [
"dhcp"
],
"model": "virtio",
"allow_dhcp_spoofing": false,
"allow_ip_spoofing": false,
"allow_mac_spoofing": false,
"allow_restricted_traffic": false,
"allow_unfiltered_promisc": false,
"primary": true
},
{
"interface": "net1",
"mac": "72:7c:9d:dd:6e:a3",
"vlan_id": 173,
"nic_tag": "firewall",
"netmask": "255.255.255.0",
"ip": "173.48.255.1",
"ips": [
"173.48.255.1/24<http://173.48.255.1/24>"
],
"model": "virtio",
"allow_dhcp_spoofing": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_restricted_traffic": true,
"allow_unfiltered_promisc": true
}
],
"uuid": "89168e3f-dec5-676e-879d-c90b69a7d988",
"zone_state": "running",
"zonepath": "/zones/89168e3f-dec5-676e-879d-c90b69a7d988",
"zoneid": 6,
"last_modified": "2018-02-18T12:59:40.000Z",
"resolvers": [],
"firewall_enabled": false,
"server_uuid": "20c32547-dad7-dd11-abd6-d017c2956b6b",
"platform_buildstamp": "20180203T031130Z",
"state": "running",
"boot_timestamp": "2018-02-18T12:59:40.000Z",
"pid": 5356,
"customer_metadata": {},
"internal_metadata": {},
"routes": {},
"tags": {},
"quota": 10,
"zfs_root_recsize": 131072,
"zfs_filesystem": "zones/89168e3f-dec5-676e-879d-c90b69a7d988",
"zpool": "zones",
"snapshots": []
}
[root@smugglers ~]# vmadm get c4cc5cd2-9d63-4546-c405-9e9bf724268a | json
{
"zonename": "c4cc5cd2-9d63-4546-c405-9e9bf724268a",
"autoboot": true,
"brand": "kvm",
"limit_priv":
"default,-file_link_any,-net_access,-proc_fork,-proc_info,-proc_session",
"v": 1,
"create_timestamp": "2017-10-27T16:13:45.003Z",
"cpu_shares": 100,
"max_lwps": 2000,
"max_msg_ids": 4096,
"max_sem_ids": 4096,
"max_shm_ids": 4096,
"max_shm_memory": 2048,
"zfs_io_priority": 100,
"max_physical_memory": 2048,
"max_locked_memory": 2048,
"max_swap": 2048,
"billing_id": "00000000-0000-0000-0000-000000000000",
"owner_uuid": "00000000-0000-0000-0000-000000000000",
"alias": "Backup Opnsense Firewall",
"ram": 1024,
"vcpus": 2,
"vnc_port": 99999,
"disks": [
{
"path": "/dev/zvol/rdsk/zones/c4cc5cd2-9d63-4546-c405-9e9bf724268a-disk0",
"boot": true,
"model": "virtio",
"media": "disk",
"zfs_filesystem": "zones/c4cc5cd2-9d63-4546-c405-9e9bf724268a-disk0",
"zpool": "zones",
"size": 5120,
"compression": "off",
"refreservation": 5120,
"block_size": 8192
}
],
"nics": [
{
"interface": "net0",
"mac": "ab:cd:ef:gh:ij:kl",
"vlan_id": 10,
"nic_tag": "firewall",
"ip": "dhcp",
"ips": [
"dhcp"
],
"model": "virtio",
"allow_dhcp_spoofing": false,
"allow_ip_spoofing": false,
"allow_mac_spoofing": false,
"allow_restricted_traffic": false,
"allow_unfiltered_promisc": false,
"primary": true
},
{
"interface": "net1",
"mac": "42:50:0e:e8:c7:28",
"vlan_id": 100,
"nic_tag": "firewall",
"netmask": "255.255.255.0",
"ip": "192.168.1.254",
"ips": [
"192.168.1.254/24<http://192.168.1.254/24>"
],
"model": "virtio",
"allow_dhcp_spoofing": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_restricted_traffic": true,
"allow_unfiltered_promisc": true
},
{
"interface": "net2",
"mac": "f2:8d:d3:20:1c:20",
"vlan_id": 200,
"nic_tag": "firewall",
"netmask": "255.255.255.224",
"ip": "192.168.200.30",
"ips": [
"192.168.200.30/27<http://192.168.200.30/27>"
],
"model": "virtio",
"allow_dhcp_spoofing": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_restricted_traffic": true,
"allow_unfiltered_promisc": true
}
],
"uuid": "c4cc5cd2-9d63-4546-c405-9e9bf724268a",
"zone_state": "running",
"zonepath": "/zones/c4cc5cd2-9d63-4546-c405-9e9bf724268a",
"zoneid": 7,
"last_modified": "2018-02-18T12:59:41.000Z",
"resolvers": [],
"firewall_enabled": false,
"server_uuid": "20c32547-dad7-dd11-abd6-d017c2956b6b",
"platform_buildstamp": "20180203T031130Z",
"state": "running",
"boot_timestamp": "2018-02-18T12:59:41.000Z",
"pid": 5431,
"customer_metadata": {},
"internal_metadata": {},
"routes": {},
"tags": {},
"quota": 10,
"zfs_root_recsize": 131072,
"zfs_filesystem": "zones/c4cc5cd2-9d63-4546-c405-9e9bf724268a",
"zpool": "zones",
"snapshots": []
}
On Mon, Feb 19, 2018 at 4:08 AM, Eugene Lee
<eky_...@hotmail.com<mailto:eky_...@hotmail.com>> wrote:
Hi,
I am fairly new still to Smartos and learning my way around it. I have been in
the process of migrating my environment from VMware ESXi to a Smartos host. I
have a Vyos virtual router that I would like to migrate from VMware to Smartos.
In VMware I know how to assign a trunk port to the Vyos virtual machine and
then assign various IPs in different VLANs for routing in the Vyos router. I
am not sure what the equivalent way of doing this is in SmartOs.
I know that you can add the vlan_id tag to the JSON file for the KVM machine
but given I want a trunk port assigned to the KVM machine (that will be running
Vyos), how do I go about doing this? Hopefully what I want to achieve makes
sense.
Thanks,
Eugene
--
Greg
http://www.linkedin.com/in/gregtreantos
smartos-discuss | Archives<https://www.listbox.com/member/archive/184463/=now>
[https://www.listbox.com/images/feed-icon-10x10.jpg071777d.jpg?uri=aHR0cHM6Ly93d3cubGlzdGJveC5jb20vaW1hZ2VzL2ZlZWQtaWNvbi0xMHgxMC5qcGc]
<https://www.listbox.com/member/archive/rss/184463/29581085-44f2ca1e> |
Modify<https://www.listbox.com/member/?&;> Your Subscription
[https://www.listbox.com/images/listbox-logo-small.png071777d.png?uri=aHR0cHM6Ly93d3cubGlzdGJveC5jb20vaW1hZ2VzL2xpc3Rib3gtbG9nby1zbWFsbC5wbmc]
<http://www.listbox.com>
-------------------------------------------
smartos-discuss
Archives: https://www.listbox.com/member/archive/184463/=now
RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00
Modify Your Subscription:
https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb
Powered by Listbox: http://www.listbox.com
