From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1KJE4I-0000Cu-VP for qemu-devel@nongnu.org; Wed, 16 Jul 2008 16:57:47 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1KJE4H-00009u-9u for qemu-devel@nongnu.org; Wed, 16 Jul 2008 16:57:46 -0400 Received: from [199.232.76.173] (port=39431 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1KJE4H-00009i-5h for qemu-devel@nongnu.org; Wed, 16 Jul 2008 16:57:45 -0400 Received: from boost.horde.net ([69.55.65.181]:50283) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1KJE4G-00029M-S1 for qemu-devel@nongnu.org; Wed, 16 Jul 2008 16:57:44 -0400 Date: Wed, 16 Jul 2008 16:57:43 -0400 From: John Morrissey Message-ID: <20080716205743.GA7670@boost.horde.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: [Qemu-devel] Bridging 802.1q tagged interfaces into a VM Reply-To: qemu-devel@nongnu.org List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org I'm trying to bridge an 802.1q tagged interface into a VM. In other words, eth0 on the machine running QEMU/KVM is an 802.1q tagged interface, which I place in a bridge group and attach to a VM with a tap interface, like so: sudo kvm -hda /var/lib/libvirt/vm/jwm01.qcow -m 512 \ -net nic,model=e1000,vlan=0 \ -net tap,vlan=0,ifname=tap0,script=/etc/kvm/kvm-ifup [jwm@virt01:pts/0 /etc/kvm> cat kvm-ifup #!/bin/sh switch=br0 /sbin/ifconfig $1 0.0.0.0 up /usr/sbin/brctl addif ${switch} $1 exit 0 My goal in this is to allow VMs to set up arbitrary VLAN subinterfaces. Since our collective VMs will need to attach to nearly a dozen VLANs, I'm trying to avoid setting up all VLANs on the QEMU/KVM host with the concomitant bridge groups. The problem seems to be that something is stripping the 802.1q VLAN tags after they leave the VM. If I tcpdump(8) inside the VM on the VLAN subinterface, I see the frames 802.1q-tagged in the correct VLAN for the subinterface. However, if I tcpdump the QEMU/KVM host's tap0 or eth0, the frames are untagged. This happens regardless of whether the VLAN in question is active on the QEMU/KVM host's Ethernet interface (i.e., even when the VLAN has been added to the interface with 'vconfig add eth0 VLANNUM'). I'm not sure if this is Linux kernel behavior or QEMU/KVM behavior. FWIW, both the host and the VM are running Patrick McHardy's kernel updates to pass VLANs correctly to network taps when the network device driver has hardware VLAN acceleration enabled (http://marc.info/?l=linux-netdev&m=121560557112292&w=2). I observed the same behavior with pcap network support (http://lists.gnu.org/archive/html/qemu-devel/2008-07/msg00045.html): frames are tagged inside the VLAN but the tag is not present on the host's tap and Ethernet interfaces. Lastly, I'm a little confused about the "VLAN" terminology in the QEMU network configuration guide. It seems QEMU has some concept of internal "VLANs" that are QEMU-specific and separate from 802.1q tagging that can be used to create private network connections between VMs. Is this correct? john -- John Morrissey _o /\ ---- __o jwm@horde.net _-< \_ / \ ---- < \, www.horde.net/ __(_)/_(_)________/ \_______(_) /_(_)__