System and Network configuration • KVM + VLAN-aware-bridge

• I have a system with 2 interfaces.

• One interface will be a normal interface with a normal bridge, nothing fancy, let's call this the WAN-interface.

• The second interface is the internal LAN-interface, this will be the topic of this thread: should be a VLAN-aware bridge.

• This system is going to be running a virtual router/firewall, in my case OPNsense. It should have multiple VLAN's on that internal LAN interface.

auto loiface lo inet loopbackauto enp1s0iface enp1s0 inet manualauto brlaniface brlan inet manualbridge-ports enp1s0 bridge-stp offbridge-fd 0bridge-vlan-aware yesbridge-vids 2-4094auto brlan.1iface brlan.1 inet staticaddress 192.168.1.126/24gateway 192.168.1.1source /etc/network/interfaces.d/*

• I want to pass multiple VLAN's to that LAN-bridge which is VLAN-aware.

• The hypervisor itself also has an interface in one of the VLAN's, for remote management (brlan.1)

• This physical interface is connected to a trunk port on a managed switch which is passing all the necessary VLAN's on as tagged VLAN's.

• I see some tutorials talking about messing with net.ipv4.conf.all.arp_filter=0 etc., is this necessary for this kind of setup?

• I see a lot of tutorials involving proxmox, where they "need to tag the VM interface also on the level of the hypervisor it seems". Is that necessary here and how to do this then?

• I see some tutorials doing an extra step like "bridge vlan add dev enp1s0 vid 10". Is this also necessary to get the VLAN's inside of the VM?

Statistics: Posted by aquilares — 2024-02-20 07:44 — Replies 14 — Views 214