On 5/11/15 2:46 , Schmurfy wrote: > Hello, > I am using QinQ in my network and can't figure out how to properly use it > on the VMs, I configured the vm to get one interface as being a vlan > interface and this works (the interface works properly in the VM) but when > I try to create a vlan interface inside the VM backed on the first > interface packets don't get through SmartOS. I see incoming ARP Request > packets and the response from inside the VM (with the correct vlan tag) but > using snoop on the host I never see them get out. > > While trying to make it works I enabled allow_ip_spoofing, > allow_dhcp_spoofing, allow_mac_spoofing, allow_restricted_traffic, > allow_unfiltered_promisc but none of them seems to help, packets still get > blocked on the way out :( > does anyone know what could be blocking the packets ?
Hi, There are few different things that are going on here. Probably the most important is that, to my knowledge, we don't support 802.1ad (Q in Q). Second, let me clarify what exactly is happening with respect to VNICs, VLANs, and the different kinds of instances you can create. When you specify a VLAN id in the JSON file, we'll create a VNIC that is marked with that tag. That means that the system will enforce that packets that enter and leave the interface have that tag. If you're just creating zones (whether lx, docker, or smartos), then this doesn't matter. With kvm, it's a different story. We treat a KVM guest as though it's NIC is always in access mode, and instead the hypervisor is responsible for adding and removing a tag. If the guest is setting a tag, then it's liable that it'll be dropped. Robert ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
