Multiple VLANs presented to kvm guest

kvm, libvirt, linux, network, openvswitch

Change from standard linux bridge to ovs

1
yum install openvswitch

Set up your physical interface

/etc/sysconfig/network-scripts/ifcfg-enp1s0f0

1
2
3
4
5
6
7
DEVICE=enp1s0f0
ONBOOT=yes
DEVICETYPE=ovs
TYPE=OVSPort
OVS_BRIDGE=br.ovs
BOOTPROTO=none
NM_CONTROLLED=no

######Set up your bridge

/etc/sysconfig/network-scripts/ifcfg-br.ovs

1
2
3
4
5
6
DEVICE=br.ovs
ONBOOT=yes
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=none
HOTPLUG=no

Set up your mgmt interface

/etc/sysconfig/network-scripts/ifcfg-mgmt

1
2
3
4
5
6
7
8
9
10
11
DEVICE=mgmt
ONBOOT=yes
DEVICETYPE=ovs
TYPE=OVSIntPort
BOOTPROTO=static
IPADDR=10.x.x.x
NETMASK=255.255.255.0
GATEWAY=10.x.x.x
OVS_BRIDGE=br.ovs
OVS_OPTIONS="tag=202"
OVS_EXTRA="set Interface $DEVICE external-ids:iface-id=$(hostname -s)-$DEVICE-vif

== Note OVS_OPTIONS is specifying the vlan tag ==

==Remove all of the old interface config files and ip del/down them==

set up libvirt network

ovs-network.xml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<network>
  <name>ovs-vlan-net</name>
  <uuid>cf51e92f-c50f-4bbd-bf13-0e6b12fbadbb</uuid>
  <forward mode='bridge'/>
  <bridge name='br.ovs' />
  <virtualport type='openvswitch'/>
  <portgroup name='vlan-100'>
    <vlan>
      <tag id='666'/>
    </vlan>
  </portgroup>
  <portgroup name='control-plane'>
    <vlan trunk='yes'>
      <tag id='100'/>
    </vlan>
  </portgroup>
    <portgroup name='control-plane-plus'>
    <vlan trunk='yes'>
      <tag id='100'/>
      <tag id='11'/>
    </vlan>
  </portgroup>
  <portgroup name='smashface'>
    <vlan trunk='yes'>
      <tag id='300'/>
    </vlan>
  </portgroup>
</network>

== Note different port groups within the single network==

import that ish

1
virsh net-create ovs-network.xml; virsh net-autostart ovs-vlan-net

Then edit your xmls swapping from bridge interfaces to the appropriate network and portgroup
Before

1
2
3
4
5
6
<interface type='bridge'>
  <mac address='de:ad:be:b2:e0:6a'/>
  <source bridge='br100'/>
  <model type='virtio'/>
  <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>

After

1
2
3
4
5
6
<interface type='network'>
  <mac address='de:ad:be:b2:e0:6a'/>
  <source network='ovs-vlan-net' portgroup='control-plane'/>
  <model type='virtio'/>
  <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>

==Now within the guest, you can bring up eth0.$vlan and all will be well==

Now ovs looks like so
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
[~]# ovs-vsctl show
99e7e78d-efea-46f9-9014-d02c7fd2353c
    Bridge br.ovs
        Port "enp1s0f0"
            Interface "enp1s0f0"
        Port "vnet2"
            trunks: [100]
            Interface "vnet2"
        Port "vnet4"
            trunks: [100]
            Interface "vnet4"
        Port "vnet1"
            trunks: [100]
            Interface "vnet1"
        Port br.ovs
            Interface br.ovs
                type: internal
        Port "vnet3"
            trunks: [100]
            Interface "vnet3"
        Port "vnet0"
            trunks: [11, 100]
            Interface "vnet0"
        Port mgmt
            tag: 202
            Interface mgmt
                type: internal
    Bridge "br0"
        Port "br0"
            Interface "br0"
                type: internal
    ovs_version: "2.5.0"