[fedora-virt] VLAN Bridging

[Chuck Anderson]

On Wed, Feb 04, 2015 at 02:05:49PM -0600, Dan Mossor wrote:
> How do I connect a VM to a tagged VLAN?
> 
> I am building a host machine that has a bonded interface (bond0)
> that is in turn my bridge interface (bridge0). The bond is connected
> to a trunk port on the switch containing tagged vlans. I want to be
> able to connect the VMs I'm building to one (or more) of the VLANs
> on this trunk port.
> 
> All I can find in the documentation is an obscure reference to a
> 'type' modifier for the API [0]
> 
> Does libvirt support this natively, or will I need to decipher the
> arcane world of OVS to make it work as I desire?
> 
> [0] http://wiki.libvirt.org/page/Features/virSimple#Guest_Creation

I do this outside of libvirt with plain sysconfig files.  Create
multiple ifcfg-bond0.<vlanid#> files, one for each VLAN, and attach
each one to a separate bridge with multiple ifcfg-br<vlanid#> files.
Then when creating VMs, just specifiy --network=br1001
--network=br1002, etc. for each VLAN you need on that VM.  Inside the
guest, they will show up as eth0, eth1, eth2, etc.

ifcfg-bond0:

DEVICE=bond0
ONBOOT=yes
NM_CONTROLLED=no
BONDING_OPTS='mode=active-backup miimon=100 primary=p4p1'
TYPE=Ethernet
BOOTPROTO=none

ifcfg-bond0.1001:

DEVICE=bond0.1001
ONBOOT=yes
NM_CONTROLLED=no
VLAN=yes
TYPE=Ethernet
BOOTPROTO=none
BRIDGE=br1001

ifcfg-bond0.1002:

DEVICE=bond0.1002
ONBOOT=yes
NM_CONTROLLED=no
VLAN=yes
TYPE=Ethernet
BOOTPROTO=none
BRIDGE=br1002

ifcfg-bond0.1003:

DEVICE=bond0.1003
ONBOOT=yes
NM_CONTROLLED=no
VLAN=yes
TYPE=Ethernet
BOOTPROTO=none
BRIDGE=br1003

ifcfg-br1001:

DEVICE=br1001
ONBOOT=yes
NM_CONTROLLED=no
TYPE=Bridge
STP=off
DELAY=0
BOOTPROTO=none
BRIDGING_OPTS='multicast_snooping=0'

ifcfg-br1002:

DEVICE=br1002
ONBOOT=yes
NM_CONTROLLED=no
TYPE=Bridge
STP=off
DELAY=0
BOOTPROTO=none
BRIDGING_OPTS='multicast_snooping=0'

ifcfg-br1003:

DEVICE=br1003
ONBOOT=yes
NM_CONTROLLED=no
TYPE=Bridge
STP=off
DELAY=0
BOOTPROTO=none
BRIDGING_OPTS='multicast_snooping=0'