I have installed a Debian-based VM with two network interfaces, one with one public IP and another with one private IP. I can access the public gateway IP and beyond from the public interface (native/untagged VLAN 1), but the private interface cannot reach its private gateway IP (tagged VLAN 5).
Scenario:
- Guest: Debian 11 with two network interfaces (ens3 -public-, ens8 -private-).
- Host: Debian 11 with one network interface (eno3) devoted to both guest's interfaces.
- Physical L2/3 Dell switch: one port in "general" VLAN mode allowing VLAN 1 (native, untagged) and VLAN 5 (VM management, tagged) linked to host's eno3.
Host's eno3 in /etc/network/interfaces is set to:

    allow-hotplug eno3
    iface eno3 inet manual
        pre-up modprobe 8021q
        pre-up ifconfig eno3 up
        post-down ifconfig eno3 down

    allow-hotplug eno3.5
    iface eno3.5 inet static # NO NEED FOR AN IP HERE I HOPE

The same file on the guest's side is as follows:

    auto ens8 ens8.5
    allow-hotplug ens8 ens8.5
    iface ens8.5 inet static
        address <MGMT_PRIVATE_IP>/<MASK>
        vlan-raw-device ens8

    allow-hotplug ens3
    iface ens3 inet static
        address <SRV_PUBLIC_IP>/<MASK>
        gateway <SRV_GATEWAY_IP>

As for the virt-manager guest NICs config in the GUI, it is as follows:
NIC nº 1 (attached to ens3):
- Network source: Macvtap device (in bridge mode according to XML source file)
- Device name: eno3
- Device model: virtio
Same for NIC nº 2 but Device name: eno3.5
What am I missing here? I don't care about communication between host and guest, so that's why I chose macvtap (the bridge device option spawned some vnet error anyways).