From: John Morrissey <jwm@horde.net>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] Bridging 802.1q tagged interfaces into a VM
Date: Wed, 16 Jul 2008 16:57:43 -0400 [thread overview]
Message-ID: <20080716205743.GA7670@boost.horde.net> (raw)
I'm trying to bridge an 802.1q tagged interface into a VM. In other words,
eth0 on the machine running QEMU/KVM is an 802.1q tagged interface, which I
place in a bridge group and attach to a VM with a tap interface, like so:
sudo kvm -hda /var/lib/libvirt/vm/jwm01.qcow -m 512 \
-net nic,model=e1000,vlan=0 \
-net tap,vlan=0,ifname=tap0,script=/etc/kvm/kvm-ifup
[jwm@virt01:pts/0 /etc/kvm> cat kvm-ifup
#!/bin/sh
switch=br0
/sbin/ifconfig $1 0.0.0.0 up
/usr/sbin/brctl addif ${switch} $1
exit 0
My goal in this is to allow VMs to set up arbitrary VLAN subinterfaces.
Since our collective VMs will need to attach to nearly a dozen VLANs, I'm
trying to avoid setting up all VLANs on the QEMU/KVM host with the
concomitant bridge groups.
The problem seems to be that something is stripping the 802.1q VLAN tags
after they leave the VM. If I tcpdump(8) inside the VM on the VLAN
subinterface, I see the frames 802.1q-tagged in the correct VLAN for the
subinterface.
However, if I tcpdump the QEMU/KVM host's tap0 or eth0, the frames are
untagged. This happens regardless of whether the VLAN in question is active
on the QEMU/KVM host's Ethernet interface (i.e., even when the VLAN has been
added to the interface with 'vconfig add eth0 VLANNUM'). I'm not sure if
this is Linux kernel behavior or QEMU/KVM behavior.
FWIW, both the host and the VM are running Patrick McHardy's kernel updates
to pass VLANs correctly to network taps when the network device driver has
hardware VLAN acceleration enabled
(http://marc.info/?l=linux-netdev&m=121560557112292&w=2).
I observed the same behavior with pcap network support
(http://lists.gnu.org/archive/html/qemu-devel/2008-07/msg00045.html): frames
are tagged inside the VLAN but the tag is not present on the host's tap and
Ethernet interfaces.
Lastly, I'm a little confused about the "VLAN" terminology in the QEMU
network configuration guide. It seems QEMU has some concept of internal
"VLANs" that are QEMU-specific and separate from 802.1q tagging that can be
used to create private network connections between VMs. Is this correct?
john
--
John Morrissey _o /\ ---- __o
jwm@horde.net _-< \_ / \ ---- < \,
www.horde.net/ __(_)/_(_)________/ \_______(_) /_(_)__
reply other threads:[~2008-07-16 20:57 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080716205743.GA7670@boost.horde.net \
--to=jwm@horde.net \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).