[ovs-discuss] How to filter tagged frames in bridge?

Matthias May matthias.may at neratec.com
Wed Aug 7 06:44:52 UTC 2019


On 06/08/2019 17:12, Felipe Arturo Polanco wrote:
> Hello,
> 
> This is for a hosting environment where we are using OVS bridges with KVM.
> 
> I have two interfaces bonded together with LACP and allowing two vlans.
> VLAN 500 public and vlan 400 private.
> The native vlan for this trunk port is Vlan 500*
> 
> I need to find a way to limit trunk access on the VMs when they are
> connected to my bridge.
> If I add a tap0 interface to ovsbr0, I can see tagged traffic which is not good.
> 
> I was thinking about adding a second bridge and connect both of them
> using a patch port but I still need to find a way to filter tagged
> frames and only allow untagged traffic on the second bridge.
> 
> Any ideas how can this be done?
> 
> Thanks,
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
> 

When you add the port, set
vlan_mode=access
tag=500

BR
Matthias


More information about the discuss mailing list