Proxmox and vlan aware?

God forbid! I just wanted to inform you that I have tried your configuration, which in my opinion seems correct. Thanks as always.

Hi Andy, did you manage to get more info? Thank you

@france

Hi

I did try it on 3 machines. Configured it on OPNsense and 2 Proxmox servers.

Using numbered or unnumbered links (No IP on the vmbr99) I wasn’t able to connect.

A managed switch or unmanaged makes no difference, only “tagging” switch ports can make a difference.
But vLANs will work with unmanaged switches, e.g. from Host 1 to Host 2…

Needs more research, but I assume it has to do with the change in NICs that came with Debian 11…

My 2 cents
Andy

So the problem remains limited or vlan only on the same way. Eli that I’ve seen around and that many users use bonding that in my opinion I don’t understand the context. The Proxmox documentation refers to the numbering, e.g. ens18 in ens18.100 vlan

vLans in Proxmox can either be set using NAME.99 or ens01.99
Using these options usually fills out the vLAN field correctly.

However - I tried more or less all options using VMs or Proxmox and I can’t get a single connection, when a few months ago it was working… (I need this mostly for my test-OPNsense and VM OPNsense, sometimes a NethServer I’m testing with VPN…).

I will get it working, Proxmox yesterday and today delivered altogether 3 sets of updates (for both Proxmox PVE and PBS)…
Either Proxmox/Debian has a bug (will be fixed) or I have a hardware issue or something similar…

:slight_smile:

My 2 cents
Andy

Yes, I thought about this too: could it be bugs? I looked and searched on the network but it seems that the operations to be done are only these, to make it short even only the vmbr0 that you use for lan header with the vlan aware enabled flag should pass all the vlans and as we have seen it works, but only on the same node. It becomes a problem when vlan aware is activated on the nodes remaining in the cluster and on the same e.g. vmbr0, VMs will not be able to communicate with other VMs of the nodes of the same cluster.

However, a few hours ago I updated the system.

The larger the company / institution, the more likely vLANs are in use.
Also a lot of small users / labs use vLANs, simply as their switch doesn’t have enough slots…

:slight_smile:

@france

Hi

I can confirm my vLANs at home are working.
For testing I have an existing vLAN on my OPNsense, connected to my Home-LAN as vLan99.
This provides DHCP for 192.168.29.0/24…
This was working before - with Proxmox also.

I configured an additional vLAN on my Macbook’s Thunderbolt Ethernet:

As you can see, my Macbook’s vLAN gets a correct IP via DHCP (192.168.29.0/24), my normal LAN at home uses 192.168.31.0/24, also DHCP.

My Macbook allows me to “isolate” the vLAN issue to Proxmox alone.

Now to see if I can configure any form of vLAN on Proxmox that gets a correct IP via vLAN99…

Note: My Macbook is hooked up to the unmanaged switch, same as my OPNsense. As both LAN and vLAN reach my Macbook correctly (Both have DHCP and a correct IP for that network) I can assume the Issue is NOT with my Hardware or Switches. I get the IP also on my managed switch, on any “untagged” port as is to be expected.

Removed on my Proxmox3 all vLAN configurations, and tried a configuration of a VM with the correct vLAN tag vlan99 - no connection… So it seems that somewhere inside Proxmox’s internal networking the vLAN tag is lost.

More tests needed…

It seems even inside a Proxmox, Proxmox can’t ping anything, not even a VM also using the same vLAN with correct networking applied.

I also was able to test today on a client’s Proxmox 6.x, there the same configuration works. ???

More research needed…

My 2 cents
Andy

1 Like

Hi Andy, in fact from what you wrote to me I had no doubt that everything worked with the version of cluster 6.0, unlike the 7 that seems to want to work only if the configurations of the vlan remain on the same node and are not rotated on the other nodes. From your configuration that is very similar to mine, I attach screenshots that show how it works only at the single node level.


Screenshot 2021-11-11 at 06.33.10

As you can see, on the pfsense the vlan 200 with dhcp is active, and in the cluster test environment a hundreds that you receive from the dhcp of the pfsense tagged 200 the ip parameters. He can ping, in short, it also works correctly with regard to routing to LAN and the internet. BUT ONLY ON ONE NODE!!
I can’t understand, maybe a bug? As soon as you have information about it, let me know Andy because it is important. Thanks Anyway, for the tests you carried out.

1 Like

@france

Hi

I’ve posted the issue on Proxmox Forum:

There are others with the same / similar issue…

Andy

Hi Andy, I like you had already submitted the problem in the forum, but still nothing!

What do you think?

Hi

I personally deactivate Proxmox firewall on every VM NIC…

I have a hardware perimeter firewall, so nothing needs protection inside the LAN. Only 1-2 windows workstations if any running.

And it was working before the 7x upgrade…

I still think somewhere inside Proxmox / Debian it’s broken.
As I only have a Debian VM, I can’t test that. My vLAN does work on a Raspberry and Mac…

:frowning:

I don’t know! But I have no doubt about what you write! However, in the opinion of the other users it would seem that nothing is done without the intervention on the switch! Strange that they didn’t answer you in your forum post. However, let’s keep in touch with the news regarding our question

1 Like

A lot of the forum only uses managed switches, it seems. I do have one, but here it’s not really involved, as my OPNsense is in another room and I don’t have parallel wiring for 2 networks…

:slight_smile:

I understand but then it is correct to write by users who have configured theirs with switches and not as you did in the past on version 6. However, I have a managed 24-port switch, but for a technical point I would like to build the vlan network with proxmox aware vlan support.

A vLAN works with or without a managed switch, that’s the issue…
Only on Proxmox it has at the moment issues

If you have general network connectivity, it should work to use the vLAN “Tag” on two NICs of two different hosts to be able to connect “another”, separate network.

I have the vLAN at home active on two different Linux systems (Raspberry and OpenWRT), a Macbook and an OPNsense (Hardened BSD) hardware box.

So I do understand how it works and its limits…

Only on Proxmox - and only after the upgrade - it stopped working.

And I have a few clients where I can play around, they could use the vLAN feature there too, but I can’t get it working with Proxmox. It can only ping itself, no other sees it…

:frowning:

More answers …

In any case, you must set up your network equipment properly to allow VLANs to travel among your switch ports. If your switch is not configured to allow tagged packets and/or allow vlan200 at least for the ports used by your server’s LAN interfaces, no host configuration will override those settings.

1 Like
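
The question running through this thread is where the 802.1Q tag gets lost: inside the Proxmox bridge or on the switch between nodes. The following is an added example, not part of any post in the thread: it parses raw Ethernet frames and counts how many carry the expected VLAN ID, so captures taken at each hop can be compared. The function names and the sample frames are constructed for illustration.

```python
import struct
from collections import Counter

TPID_8021Q = 0x8100   # standard VLAN tag
TPID_8021AD = 0x88A8  # outer service tag (QinQ)

def parse_vlan(frame: bytes):
    """Return (vlan_ids, ethertype); vlan_ids is outer-to-inner, [] if untagged."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    offset = 12  # skip destination and source MAC
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    vlan_ids = []
    while ethertype in (TPID_8021Q, TPID_8021AD):
        if len(frame) < offset + 6:
            raise ValueError("truncated VLAN tag")
        tci, ethertype = struct.unpack_from("!HH", frame, offset + 2)
        vlan_ids.append(tci & 0x0FFF)  # low 12 bits of the TCI are the VLAN ID
        offset += 4
    return vlan_ids, ethertype

def summarise(frames, expected_vid):
    """Count frames per outcome for one capture point."""
    counts = Counter()
    for frame in frames:
        try:
            vids, _ = parse_vlan(frame)
        except ValueError:
            counts["malformed"] += 1
            continue
        if not vids:
            counts["untagged"] += 1
        elif expected_vid in vids:
            counts["expected"] += 1
        else:
            counts["other_vlan"] += 1
    return counts

def build_frame(vid=None, pcp=0):
    """Constructed test frame: broadcast IPv4 with an optional 802.1Q tag."""
    macs = bytes.fromhex("ffffffffffff" "020000000001")
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return macs + tag + struct.pack("!H", 0x0800) + bytes(46)

# Constructed sample capture, not taken from the thread.
SAMPLE = [build_frame(99), build_frame(99, pcp=5), build_frame(), build_frame(200), bytes(10)]

if __name__ == "__main__":
    print(dict(summarise(SAMPLE, expected_vid=99)))
```

Comparing the counts from captures at each hop shows the first point at which frames for the VLAN arrive untagged or not at all.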