On 6/16/22 3:24 AM, Peter Krempa wrote:> On Thu, Jun 16, 2022 at 09:20:21 +0200, Gionatan Danti wrote:
>> Hi all,
>> from here [1]:
>>
>> "Network connections that support guest-transparent VLAN tagging
include 1)
>> type='bridge' interfaces connected to an Open vSwitch bridge
Since 0.10.0 ,
>> 2) SRIOV Virtual Functions (VF) used via type='hostdev' (direct
device
>> assignment) Since 0.10.0 , and 3) SRIOV VFs used via
type='direct' with
>> mode='passthrough' (macvtap "passthru" mode) Since
1.3.5 . All other
>> connection types, including standard linux bridges and libvirt's
own virtual
>> networks, do not support it."
>>
>> I read it correctly that when used on a classical linux bridge these
vlan
>> tags does nothing? If so, it is due to something related to the
underlying
>> bridge device (ie: incomplete support for vlan filtering) or it is
because
>> libvirt lacks the necessary "plumbing" to use advanced bridge
features?
>
> AFAIK it was simply never implemented. There's also an upstream feature
> request for this:
>
> https://gitlab.com/libvirt/libvirt/-/issues/157
When VLAN tagging was first implemented, Linux host bridges didn't have
this capability - the only way to get guest traffic transparently tagged
in that case was by having the bridge attached to a host VLAN interface
rather than directly to the physical ethernet (resulting in the traffic
from all guests attached to the bridge being tagged/untagged). A few
years later support for tagging on individual host bridge ports was aded
to the Linux bridge driver, but there was never enough push for the
feature to get it added to libvirt.
"Patches are welcome" of course!