[ovs-discuss] : How tagging an ethernet frame to be compatible with cisco switch???

Leland Vandervort leland at DEV.DISCPRO.ORG
Fri Mar 23 13:49:07 UTC 2012 

Well.. your OVS configuration has vlan 35 as native and untagged.  There's
still nothing to prevent you adding additional tagged vlans as well, and
they also can be added to the trunk on the cisco side ("switchport trunk
allowed vlan add x,y,z", for example)

Cisco by default does not tag the native vlan (though this can be overridden
on *SOME BUT NOT ALL* cisco switches).  Also, by default Cisco's "native"
vlan for dot1q is VLAN1, unless you specifiy the native vlan for the trunk
in the configuration.

As a result, under the original configuration you provided, what was
happening was OVS was sending the frame for vlan 35 UNTAGGED (configured as
native, and specified untagged) to the Cisco.  The cisco received the
untagged frame and placed it into Vlan 1  (default native vlan).

I suggest establishing a native vlan for the trunk (such as vlan 1, for any
unknown junk untagged traffic that might be stray), leaving that untagged,
and tagging all other vlans respectively.

On the cisco side, you can limit the allowed vlans on the trunk to just
those you want to receive.  This would be the easiest solution to work with
your configuration, and across the full range of Cisco switches.  Omitting
vlan1 from the "allowed vlan" list on the trunk will prune that traffic so
the switch doesn't send all bogus traffic to the OVS.


Leland









Le 23/03/2012 14:35, « Maxime JÉGO » <maxime.jego at netensia.fr> a écrit :

> When i have this configuration, it works! But i would not have to specified
> that it is native 35. Because my goal is to use severals vlan.
> 
> A little precision, with my co-workers we have found that there were a bug
> with tcpdump to see ethernet frame with tags ! So, with my first configuration
> (without native vlan on the cisco) i can see ARP request from my VM to my
> vswitch and to my cisco. But i haven't the ARP reply ...
> 
> And if i force it by adding Mac address in arp table, it just send a ping
> request, but i don't receive the reply...
> 
> 
> Thank's a lot ;)
> 
> 
> 
> Le Vendredi 23 Mars 2012 10:02 CET, Leland Vandervort <leland at DEV.DISCPRO.ORG>
> a écrit:
> 
>> 
>> What is the rest of the port configuration on the cisco?
>> 
>> To conform with your OVS configuration (specifically native untagged vlan35)
>> try:
>> 
>> interface x/x/x
>>  switchport
>>  switchport trunk encapsulation dot1q
>>  switchport mode trunk
>>  switchport trunk native vlan 35
>>  switchport trunk allowed vlan 35,xxx
>> !
>> 
>> Any traffic for the "other" vlan (xxx) would of course need to be tagged.
>> 
>> 
>> 
>> Le 23/03/2012 09:57, « Maxime JÉGO » <maxime.jego at netensia.fr> a écrit :
>> 
>>> Hello erverybody,
>>> 
>>> i have a KVM architecture with 2 Virtual machine called VM1 (with virtual
>>> interface vnet0) and VM2 (with virtual interface vnet1).
>>> 
>>> I have created a bridge called br0 who contains a vlan called vlan35 (vid
>>> =35)
>>> 
>>> My ovs configuration :
>>> 
>>> ( - ovs-vsctl add-br br0
>>>   - ovs-vsctl add-port br0 eth1 trunk=35,200
>>>   - ovs-vsctl add-br vlan35 br0 tag=35
>>>   - ovs-vsctl add-port vlan35 vnet0
>>>   - ovs-vsctl add-port vlan35 vnet1
>>>   - ovs-vsctl add-port vlan35 vnet1 )
>>> 
>>> 
>>> ovs-vsctl show :
>>> 
>>> [root@******** ~]# ovs-vsctl show
>>> 93c8f900-cc8b-44a9-9081-613d79bc846e
>>>     Bridge "br0"
>>>         Port "vlan35"
>>>             tag: 35
>>>             Interface "vlan35"
>>>                 type: internal
>>>         Port "vnet0"
>>>             tag: 35
>>>             Interface "vnet0"
>>>         Port "br0"
>>>             Interface "br0"
>>>                 type: internal
>>>         Port "vnet1"
>>>             tag: 35
>>>             Interface "vnet1"
>>>         Port "eth1"
>>>             trunks: [35, 200]
>>>             Interface "eth1"
>>> 
>>> 
>>> 
>>> 
>>> My cisco switch configuration about this :
>>> 
>>>  - switchport trunk allowed vlan 35,xxx
>>> 
>>> 
>>> My problem : I can't ping my gateway (on my cisco switch) from my virtual
>>> machine VM1.
>>> I have identified the problem, I have only the icmp request traffic on eth1
>>> and i haven't TAG on my frame. I have test to configured vlan35 in this mode
>>> :
>>> 
>>> ovs-vsctl -- set port vlan35 vlan_mode=native-untagged (to tag frame) but it
>>> doesn't work..
>>> 
>>> Thank's a lot for your help, i am lost!
>>> 
>>> Maxime
>>> _______________________________________________
>>> discuss mailing list
>>> discuss at openvswitch.org
>>> http://openvswitch.org/mailman/listinfo/discuss
>> 
> 
> 
> 
>

More information about the discuss mailing list