Stripped 802.1q from frames

[Ron Vachiyer <ronvach@abacom.com>]

Hello,

I have a curious behaviour I am seeing on my two KVM hosts running under 
CentOS6.4 on HP Hardware (bnx2 NICs in both cases), virtio is configured 
for the guest networking.

The hosts are connected to Cisco switches on a trunk port.  I have noted 
that flooded frames from 802.1q VLANs not native to any interface on the 
KVM hosts are stripped of their 802.1q tags and forwarded to guests 
configured to use the bridge0 or macvtap interface on the host (whatever 
native VLAN that host is in).  KVM guests that are utilizing a different 
802.1q-tagged bridge interface on the host do not see this behaviour.

At first I believed it was an issue with the host that was bonding two 
NICs, however the second host on a single eth0 interface is seeing the 
same thing.  I have run a packet capture on a guest and the host 
simultaneously and confirmed that although the host will receive a frame 
from the Cisco switch tagged for example VID:08, for which the kvm host 
does not have an interface, libpcap shows the 802.1q tag on the frame.  
However, that very same frame somehow gets stripped of that tag, and the 
guest has visibility to this frame but without the tag.

I first noticed this when a guest I was installing using SLAAC 
autoconfigured itself with a IPv6 address from another VLAN not 
configured on the KVM host.

Google has not shown me any links to this, therefore could this be a 
configuration snafu or is there somewhere else I could look to fix this?

Thanks,

Ron.