just notes

bridge building

upon the vlans that separate us

You have one interface, and a smart switch.

You want to use your host’s interface as a trunked port, able to handle multiple vlans. But more than that, you want to have multiple virtual machines, or containers, also using that vlan.

So, that’s the goal, and this is how I accomplished it:

beau@machine:~$ sudo nmcli connection add type bridge con-name br0.1000 ifname br0.1000

beau@machine:~$ sudo nmcli con add type vlan con-name enp1s0.1000  dev enp1s0 id 1000 master br0.1000 connection.autoconnect yes

beau@machine:~$ sudo nmcli connection add type bridge con-name br0.2000 ifname br0.2000

beau@machine:~$ sudo nmcli con add type vlan con-name enp1s0.2000  dev enp1s0 id 2000 master br0.2000 connection.autoconnect yes

beau@machine:~$ nmcli device

DEVICE          TYPE       STATE         CONNECTION    
br0.1000        bridge     connected     br0.1000        
br0.2000        bridge     connected     br0.2000        
enp1s0          ethernet   connected     en01s0 on 1             
enp1s0.1000     vlan       connected     vlan1000        
enp1s0.2000     vlan       connected     vlan2000        
wlp1s0          wifi       unavailable   --                    
lo              loopback   unmanaged     --

above:

  1. add the bridge interface.
  2. add vlan, simultaneously adding it as a slave of the bridge created just before.

I did that step twice. The port use by the machine, enp1s0, is plugged into a port that defaults to vlan 1, but is trunked, and tagged vlans with IDs 1000, and 2000, are available.

Interestingly, the primary enp1s0, had been removed as the default route. You can also do that to the br0.2000, or br0.1000.

The reason, in my case, is that I want my machines traffic to use the br0.1000 interface as it’s primary network interface.

br0.2000, is reserved for VMs, and can be assigned to interfaces used by virt-manager machines. That way, i don’t need to use the br0.2000 for both, the host and the guest. 

$ route

Kernel IP routing table
Destination     Gateway    Genmask         Metric Ref  Use Iface
default         _gateway   0.0.0.0         427    0  0 br0.10
192.168.100.0   0.0.0.0    255.255.255.0   427    0  0 br0.1000
192.168.200.0   0.0.0.0    255.255.255.0   429    0  0 br0.2000
link-local      0.0.0.0    255.255.0.0     1000   0  0 enp1s0.20
192.168.1.0     0.0.0.0    255.255.255.0   100    0  0 enp4s0

beau

,
,

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.