[ovs-discuss] Access all OVS VLANs via VPN without OVS tunnels
s.maksymov at emw.hs-anhalt.de
Sat Oct 8 04:18:01 UTC 2016
Hi everyone,
I have been fighting with the following problem for a long time:
                                +-------------------------------------+
                                |               Server                |
                                |                                     |
+-----------------------+       |                                     |
|        Laptop         |       |               Bridge                |
|                       |       +--------+---------+---------+--------+
+-----------+-----------+       |  vpn   |   vme   | vme.10  | vnet1  |  +--------------+
|  vme.10   |    vme    |       |        |         | tag=10  | tag=10 |  |   Virtual    |
192.168.10.2|192.168.0.2+------->        |         |         |        <--+   machine    |
+-----------+-----------+       +--------+---------+---------+--------+  +--------------+
vme.10: Linux VLAN with id=10   vme: ovs bridge [192.168.0.1]
vme: VPN tap                    vme.10: port for VLAN 10 access [192.168.10.200]
                                vpn: port used by VPN server []
                                vnet1: auto-created by libvirt []
$ ovs-vsctl show
    Bridge vme
        Port "vnet1"
            tag: 10
            Interface "vnet1"
        Port vpn
            Interface vpn
                type: internal
        Port "vme.10"
            tag: 10
            Interface "vme.10"
                type: internal
        Port vme
            Interface vme
                type: internal
I want my laptop to be able to access both 192.168.0.1 and 192.168.10.200, which are untagged and tagged accordingly, but I don't need Open vSwitch on it to establish GRE tunnels, etc.
I have tried to set a trunk on the vpn interface:
$ ovs-vsctl set port vpn trunk=10,20 vlan_mode=native-untagged
but it doesn't help: I can still ping 192.168.0.1, but not 192.168.10.200. Only when I set a tag for vpn:
$ ovs-vsctl set port vpn tag=10
then I can ping 192.168.10.200, but I lose the connection to 192.168.0.1.
So, how can I have both "networks" accessible via the VPN connection?
NOTE: while writing this letter, I found out that the VLAN device on my laptop doesn't work at all with OVS. I mean it works only via the untagged interface:
$ ping -I vme 192.168.10.200
PING 192.168.10.200 (192.168.10.200) from 192.168.10.120 vme: 56(84) bytes of data.
64 bytes from 192.168.10.200: icmp_seq=1 ttl=64 time=3.65 ms
64 bytes from 192.168.10.200: icmp_seq=2 ttl=64 time=1.99 ms
...
$ ping -I vme.10 192.168.10.200
PING 192.168.10.200 (192.168.10.200) from 192.168.10.100 vme.10: 56(84) bytes of data.
--- 192.168.10.200 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 3999ms
$ ip addr
vme: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
    link/ether 00:ac:35:cf:e6:4a brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.2/24 brd 192.168.0.255 scope global vpn_vme
       valid_lft forever preferred_lft forever
    inet 192.168.10.120/24 scope global vpn_vme
vme.10@vme: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 8a:9f:f0:db:3e:93 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.100/24 scope global vme.10
This implies another question: does OVS support native Linux VLAN tags?
Thanks in advance!
Best regards from
Sergii Maksymov