>>Does that make sense to support both or is the future openvswitch anyway?
They are missing thing in openvswitch (qinq for example, also igmp snooping,...) So I think it's okay to keep both currently. (I think the real future will be something like snabbswitch, but not before 1 or 2 years) ----- Mail original ----- De: "Stefan Priebe" <s.pri...@profihost.ag> À: "aderumier" <aderum...@odiso.com> Cc: "dietmar" <diet...@proxmox.com>, "pve-devel" <pve-devel@pve.proxmox.com> Envoyé: Mardi 17 Mars 2015 16:14:09 Objet: Re: [pve-devel] [PATCH] support QinQ / vlan stacking Am 17.03.2015 um 15:41 schrieb Alexandre DERUMIER <aderum...@odiso.com>: >>> That means we can get rid of the whole new and copy bridge code for vlans? > > yes, I think we can only have 1 bridge, and manage all vlans by port, like > for openvswitch. > > I never tested it with firewall, with fwbridge on top of bridge. > > Need to be tested :) Does that make sense to support both or is the future openvswitch anyway? > > > > > ----- Mail original ----- > De: "Stefan Priebe" <s.pri...@profihost.ag> > À: "aderumier" <aderum...@odiso.com> > Cc: "dietmar" <diet...@proxmox.com>, "pve-devel" <pve-devel@pve.proxmox.com> > Envoyé: Mardi 17 Mars 2015 10:48:55 > Objet: Re: [pve-devel] [PATCH] support QinQ / vlan stacking > > Hi, >> Am 16.03.2015 um 06:15 schrieb Alexandre DERUMIER: >> Hi Stefan, >> >>>> So the problem in my case is that there a some VMs i would like to have >>>> a filter and others where i don't want to have that filter so VLANs >>>> inside the VM are working. >> >> >> I think it's possible to allow vlans (tagged from guest), >> to go inside a bridge with vlan_filtering enabled. >> >> with: >> >> #bridge vlan add dev tapx vid $tag1 >> #bridge vlan add dev tapx vid $tag2 >> >> (This is something like a trunk is a cisco switch, with allowed vlans) >> >> >> >> if we want to force a tag, for an untagged guest >> #bridge vlan add dev tapx vid $tag pvid untagged" > > That means we can get rid of the whole new and copy bridge code for vlans? > > Stefan > > >> >> ----- Mail original ----- >> De: "Stefan Priebe" <s.pri...@profihost.ag> >> À: "dietmar" <diet...@proxmox.com> >> Cc: "pve-devel" <pve-devel@pve.proxmox.com> >> Envoyé: Jeudi 12 Mars 2015 08:42:48 >> Objet: Re: [pve-devel] [PATCH] support QinQ / vlan stacking >> >> Am 12.03.2015 um 06:42 schrieb Dietmar Maurer: >>>>>> The old behaviour can be restored by enabling vlan_filtering on the >>>>>> bridge. >>>>> >>>>> Please can you give me further hints howto enable/disable >>>>> "vlan_filtering"? >>>> >>>> It's >>>> # echo 1 > /sys/class/net/<bridge>/bridge/vlan_filtering >>> >>> So you think we should set that in PVE::Network::activate_bridge_vlan_slave >>> ? >> >> This would at least activate the old behaviour. But there are also use >> cases where you don't want that filtering. >> >> So the problem in my case is that there a some VMs i would like to have >> a filter and others where i don't want to have that filter so VLANs >> inside the VM are working. >> >> This can again only be archieved by the ebtables filter as it allows us >> to control traffic types by VM NIC. >> >> Greets, >> Stefan >> _______________________________________________ >> pve-devel mailing list >> pve-devel@pve.proxmox.com >> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel > _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel