I have been trying to setup a Xen domu to use vlans. Reading various posts around the net, it seems that the suggested way to do this is to create the vlans in the dom0 and give them to the domu as separate network devices. The suggestion seems to be mostly for security reasons (not having more vlans visible to the domu than it really needs to use).
I have succeeded in giving vlans to my domus this way, but it would be more convenient for me to pass a trunk into my domu and let the domu deal with the vlans. By passing in a trunk, I would only have to touch the domu when I want to access a new vlan. The other way, I would have to add it into the dom0 and then modify the domu and then deal with the new nic in the domu. In a static environment, it really does not make much difference, but if I am changing vlans around at all, it will quickly become painful to do. Here's my problem, I have tried passing in the entire nic to the domu to let it deal with the vlans. While I can issue the command in the domu, none of the vlan traffic makes it out. Also, no tagged packets make it to the domu. I'm running OpenSolaris 2009.06 snv_111 X86. The sun box is plugged into a trunked port with the native (non tagged packets) belonging to vlan 8. On the dom0, I can create vlan interfaces on the other vlans (using dladm) and communicate with machines on those vlans. I can pass the network interface into the domu using the vif-vnic script and no vlan tag and the domu will see the traffic on vlan 8 as expected. If I run the vconfig command on the interface in the domu to try to see other vlans, the command runs without errors, but no traffic is seen on the vlan. I can pass the interface into the domu using the vif-vnic script and specifying another vlan id (ie 4) and the domu will correctly see the traffic on vlan 4. If I pass in my main interface using the vif-dedicated script, I don't see any traffic in the domu, no matter what I do. If I create a vnic using dladm based off of the main nic and I pass that into the domu, I can once again see the vlan 8 (non tagged) traffic on the bare nic, but trying to see other vlans produces no traffic. A tcpdump from the domu seems to only see traffic for that domu (and broadcasts) without seeing any vlan tagged packets. This seems likely to be the reason things are not working. What do I need to specify, when creating the domu, to have it see the vlan tagged packets? -- This message posted from opensolaris.org _______________________________________________ indiana-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
