Hi all, We are seeing some strange behavior with our KVM guests. When the guest VM is on the same KVM host as the vRouter, traffic to the guest VM is being tagged with VLAN 0 (it should just be untagged traffic). This breaks connectivity for some operating systems that aren't expecting packets to be tagged with a VLAN. Technically, the guest VLAN is 306, and we see Cloudstack creating the 306 VLAN sub-interface on the host and the corresponding bridge interface - that all looks good.
This only occurs when the guest VM is on the same host as the vRouter. However, it is likely that the physical switch connecting the KVM hosts is being smart and stripping the VLAN 0 tag... and that is why we don't have the problem with the traffic flows between hosts. Cloudstack 4.9.3 w/ Advanced Networking CentOS 7.4 KVM host (fully up-to-date) Bridge networking within the host Here is a tcpdump on the guest VM, showing the dot1q "VLAN 0" tag on the response packets only. The guest doesn't support VLAN tagging, and just says request timed out to the ping. 01:18:22.723029 02:00:0c:a3:00:05 > 02:00:56:46:00:04, ethertype IPv4 (0x0800), length 98: 10.1.1.246 > 8.8.8.8: ICMP echo request, id 1375, seq 150, length 64 01:18:22.738067 02:00:56:46:00:04 > 02:00:0c:a3:00:05, ethertype 802.1Q (0x8100), length 102: vlan 0, p 0, ethertype IPv4, 8.8.8.8 > 10.1.1.246: ICMP echo reply, id 1375, seq 150, length 64 01:18:23.724363 02:00:0c:a3:00:05 > 02:00:56:46:00:04, ethertype IPv4 (0x0800), length 98: 10.1.1.246 > 8.8.8.8: ICMP echo request, id 1375, seq 151, length 64 01:18:23.739301 02:00:56:46:00:04 > 02:00:0c:a3:00:05, ethertype 802.1Q (0x8100), length 102: vlan 0, p 0, ethertype IPv4, 8.8.8.8 > 10.1.1.246: ICMP echo reply, id 1375, seq 151, length 64 01:18:24.725480 02:00:0c:a3:00:05 > 02:00:56:46:00:04, ethertype IPv4 (0x0800), length 98: 10.1.1.246 > 8.8.8.8: ICMP echo request, id 1375, seq 152, length 64 01:18:24.740498 02:00:56:46:00:04 > 02:00:0c:a3:00:05, ethertype 802.1Q (0x8100), length 102: vlan 0, p 0, ethertype IPv4, 8.8.8.8 > 10.1.1.246: ICMP echo reply, id 1375, seq 152, length 64 01:18:25.726752 02:00:0c:a3:00:05 > 02:00:56:46:00:04, ethertype IPv4 (0x0800), length 98: 10.1.1.246 > 8.8.8.8: ICMP echo request, id 1375, seq 153, length 64 01:18:25.741749 02:00:56:46:00:04 > 02:00:0c:a3:00:05, ethertype 802.1Q (0x8100), length 102: vlan 0, p 0, ethertype IPv4, 8.8.8.8 > 10.1.1.246: ICMP echo reply, id 1375, seq 153, length 64 Any idea how to stop KVM from adding that VLAN 0 dot1q tag? KVM is a new add to our environment. Thanks Sean
