Pass VLAN traffic (802.1q) to Virtual Machine on KVM/QEMU

Tuesday, 20 September 2011 10:20 Andrew Martin
E-mail Print PDF [Report This Article]
(0 votes, average 0 out of 5)

It may be desirable to pass VLAN traffic from a virtual machine out to the wider network. This tutorial assumes that you have configured the guest to connect to the host using a bridge interface, e.g. br0 (instructions here). Please Note: The default KVM/QEMU virtual network card, rtl8139, DOES NOT support VLANs (802.1q) (reference 1, reference 2). To use VLANs with the guest, you must use the virtio virtual network interface in your KVM configuration.

The easiest way to set this up is to use the same network bridge for all traffic, but to tag the VLAN traffic inside the VM. In this example, we will create an interface for VLAN 6. 

On the VM:

1
2
3

# modprobe 8021q
# vconfig add eth0 6
# ifconfig eth0.6 192.168.1.12 netmask 255.255.255.0 up

This will create a new interface, eth0.6, where you can send the VLAN traffic. Both VLAN traffic (over eth0.6) and regular traffic (over eth0) will pass over br0 on the host to the rest of the network. 

To make these settings permanent on Debian/Ubuntu, do to the following:

  1. add 8021q to /etc/modules
  2. add the following section to /etc/network/interfaces:
1
2
3
4
5
6

## VLAN Configuration
auto eth0.6
iface eth0.6 inet static
        address 192.168.1.12
        netmask 255.255.255.0
        vlan_raw_device eth0

To make these settings permanent on RHEL/CentOS, do to the following:

  1. echo modprobe 8021q >> /etc/rc.modules && chmod +x /etc/rc.modules
  2. Follow the instructions outlined here and make sure your ifcfg-eth0.6 looks similar to this:
1
2
3
4
5
6
7

DEVICE=eth0.6
VLAN=yes
BOOTPROTO=none
NETMASK=255.255.255.0
IPADDR=192.168.1.12
ONBOOT=yes
HWADDR=00:01:02:03:04:05

Your VM should now be configured to handle VLAN 6 traffic over eth0.6 and pass it along to the host over br0. You can verify that the VLAN traffic is present by running tcpdump -i br0 on the host.
Partner Links:
 
Related Articles

» How to Connect to a Wireless Networking with Prompting for a Keyring Password in Ubuntu/Gnome

Sometimes the default installation of Ubuntu will continue to prompt for a keyring password in order to access the stored wifi password. This prevents automatic login to wifi networks. To remove this prompt for a keyring password and just automatically connect to the saved wireless network, do the following:Right click on the Network Manager icon in the system tray. Now, click Edit ConnectionsClick on the Wireless tab and select the connect you are using. Click the Edit buttonMake sure the...
Read more...

» How to Clean a Game Console Cartridge

A classic symptom of older game systems which use cartridges is that sometimes the game cartridge itself can become corroded and unusable.   There are several ways to clean cartridges, from the easiest to most desperate. First, here are some common things NOT to do in order to clean your game cartridge:  Things NOT To DoDo NOT blow into the cartridge. Yes it is a quick fix. Yes it does work temporarily. However, due to the moisture of you blowing onto the cartridge connectors,...
Read more...

» Grant Write Access to CIFS Mount As A Regular User

Often you may want a cifs/smbfs (Samba) mount on Linux to be writeable by normal users. If it is the case that you can write to the mounted filesystem as root but not as a normal user (Permission Denied), then you may need to adjust your mount options in /etc/fstab. The key mount options are file_mode and dir_mode, which override the default file and directory permissions for Samba shares. By manually setting these values, you can grant read/write access to normal users on the local...
Read more...