Score:1

Untagged traffic must become tagged traffic after passing through the bridge


I'm trying to achieve something simple.

I have a machine which has a single physical port enp89s0. This is connected to the native VLAN (VLAN=1).

I need to create VMs and place them on a separate VLAN=166.

In order to not specify the interface name of the machines in systemd-networkd, I have created a bridge and connected the VMs there.

This bridge has as its uplink a VLAN interface eth.166, which is connected to the main bridge.

The design would look like the following:

```
              -------------               -------------
  enps890    |             |     eth.166 |              |
-------------|   br0       |-------------|    br166     | 
             |             |             |              |
             --------------               --------------
```

The VMs get connected to br166.

The VMs do not tag the traffic, so the traffic arrives untagged and the interface eth.166 should tag it and pass it to the switch. My switch is configured with a trunk port, so I do not think it is an issue with the switch. I've spent some time on it, but I could not find the way.

Here is my configuration:

br0.netdev

```
[NetDev]
Name=br0
Kind=bridge

[Bridge]
VLANFiltering=yes
```

br0.network

```
[Match]
Name=br0

[Network]
DHCP=yes

[Network]
VLAN=eth.166
```

enps890.network

```
[Match]
Name=enp89s0
[Network]
Bridge=br0
[BridgeVLAN]
VLAN=166
```

br166.netdev

```
[NetDev]
Name=br166
Kind=bridge

[Bridge]
VLANFiltering=yes
```

br166.network

```
[Match]
Name=br166

[Network]
DHCP=no
```

eth.166.network

```
[Match]
Name=eth.166

[Network]
Bridge=br166
DHCP=no

[BridgeVLAN]
VLAN=166
PVID=166
EgressUntagged=166
```

eth.166.netdev

```
[NetDev]
Name=eth.166
Kind=vlan

[VLAN]
Id=166
```

```
$ bridge vlan

port              vlan-id
enp89s0           1 PVID Egress Untagged
                  166
br0               1 PVID Egress Untagged
br166             1 PVID Egress Untagged
eth.166           1 Egress Untagged
                  166 PVID Egress Untagged
virbr0            1 PVID Egress Untagged
```

Conceptually, I do not understand whether we need to specify the `[BridgeVLAN]` config for the interface `eth.166`. This interface is already a VLAN, so is it required?
Nikita Kipriyanov
I don't get where "eth" is coming from. Your "eth.166" looks like a VLAN subinterface of some interface with the name "eth", but what is it and where is it defined, and how should Linux create it if it is supposed to be a virtual interface? You can't just take a name and use it out of nowhere. Maybe you meant to use a [virtual ethernet pair device](https://man7.org/linux/man-pages/man4/veth.4.html)? One side of a pair can participate in one bridge, the other side could be enslaved into another, or subinterfaced and put into a bridge; it's up to you. Also, is that for `libvirt`?
Now I have fixed the issue. The issue was that br0 also had to allow vlan166 traffic. By the way, Nikita, in Linux you can call interfaces whatever name you want and create them out of the blue. Up to your fantasy and your wishes. :-) I called it eth.166. Now everything works. I'll post the correct config.
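
As an added example that is not part of the original thread, the following Python script parses the `bridge vlan` output posted in the question and lists the devices on a path that do not permit a given VLAN. The function names and the choice of path (`enp89s0` and `br0`, on the assumption that tagged frames for `eth.166` must be allowed on both the physical port and `br0` itself) are assumptions made for illustration.

```python
# Added example: audit `bridge vlan` output for a VLAN missing along a path.
# SAMPLE is the output posted in the question above; the port list passed to
# ports_missing_vid() is an assumption about which devices VLAN 166 crosses.
SAMPLE = """\
port              vlan-id
enp89s0           1 PVID Egress Untagged
                  166
br0               1 PVID Egress Untagged
br166             1 PVID Egress Untagged
eth.166           1 Egress Untagged
                  166 PVID Egress Untagged
virbr0            1 PVID Egress Untagged
"""


def parse_bridge_vlan(text):
    """Return {port: {vid: {"pvid": bool, "untagged": bool}}}."""
    table, port = {}, None
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[:2] == ["port", "vlan-id"]:
            continue                      # blank line or table header
        if not line[0].isspace():         # a port name starts in column 0
            port, fields = fields[0], fields[1:]
            table.setdefault(port, {})
        if port is None or not fields:
            continue
        first, _, last = fields[0].partition("-")   # "166" or "100-200"
        if not first.isdigit():
            continue                      # e.g. a port with no VLAN entries
        flags = {"pvid": "PVID" in fields, "untagged": "Untagged" in fields}
        for vid in range(int(first), int(last or first) + 1):
            table[port][vid] = dict(flags)
    return table


def ports_missing_vid(table, vid, ports):
    """Ports from `ports` whose VLAN table does not permit `vid`."""
    return [p for p in ports if vid not in table.get(p, {})]


def pvid_of(table, port):
    """VLAN assigned to untagged ingress frames on `port`, or None."""
    return next((v for v, f in table.get(port, {}).items() if f["pvid"]), None)


if __name__ == "__main__":
    table = parse_bridge_vlan(SAMPLE)
    print("VLAN 166 missing on:", ports_missing_vid(table, 166, ["enp89s0", "br0"]))
    print("eth.166 PVID:", pvid_of(table, "eth.166"))
```

Run against the output in the question, it reports `br0` as the only device on that path without VLAN 166, which matches the fix described in the last comment.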