Linux Bridges - Tags on interface vs. on bridgeNAT and two bridgesMultiple, different VLAN trunks to KVM...

What is better: yes / no radio, or simple checkbox?

How to kill a localhost:8080

Can a space-faring robot still function over a billion years?

The need of reserving one's ability in job interviews

At what level can a party fight a mimic?

Difference between 'stomach' and 'uterus'

Non-Italian European mafias in USA?

Citing contemporaneous (interlaced?) preprints

What does @RC mean in SSDT SQL Server Unit Testing?

How to evaluate the limit where something is raised to a power of x?

Why do members of Congress in committee hearings ask witnesses the same question multiple times?

Misplaced tyre lever - alternatives?

Rationale to prefer local variables over instance variables?

How do you say "powers of ten"?

Is it possible to make a clamp function shorter than a ternary in JS?

How to substitute values from a list into a function?

What is this waxed root vegetable?

Sometimes a banana is just a banana

How to make a *empty* field behaves like a *null* field when it comes to standard values?

Giving a talk in my old university, how prominently should I tell students my salary?

How do I deal with being jealous of my own players?

Are paired adjectives bad style?

Get length of the longest sequence of numbers with the same sign

Can I become debt free or should I file for bankruptcy? How do I manage my debt and finances?

Linux Bridges - Tags on interface vs. on bridge

NAT and two bridgesMultiple, different VLAN trunks to KVM guests (Linux)KVM virtualization with two bridges, want routing to use each bridge as mapped in KVMBridging multiple VLANs in linuxCan a single physical interface act as a “slave” for multiple bridge interfaces?IP conflict on a KVM bridge network connectionKVM/libvirt: Guest monopolizes bridgesplitting tagged and untagged traffic to bridges on KVMlinux firewall as a router in CentOS 7Linux Security - Systemd-networkd (Clear Linux) - Topolgy of bridge interfaces (br0/br1)

What is the difference between tagging on the bridge vs a physical interface then adding that tagged interface onto the bridge?

I'm assuming if I want two total VLANs segmenting network traffic to guests on KVM. I don't want the guests seeing the tag, I just want the VLANs to segregate traffic through the interfaces. Meaning the guests should not see the tags (unless packets are double-tagged).

Each scenario would look as follows:

Tagging on interface:

em1 -> em1.3 -> br0 -> vnet0 -> em1

em1 -> em1.4 -> br1 -> vnet1 -> em2

Tagging on bridge:

em1 -> br0 -> br0.3 -> vnet0 -> em1

em1 -> br0 -> br0.4 -> vnet1 -> em2

Is net effect the same?
Or is there some functional difference I'm missing here?

EDIT: I've been reading (http://blog.davidvassallo.me/2012/05/05/kvm-brctl-in-linux-bringing-vlans-to-the-guests/), and it seems like tagging on physical interfaces (em1.3) causes linux to strip the tag prior to it sending it off to the bridge. Whereas tagging on the bridge just passes the tagged traffic through. True? If not, where is the tagged stripped/added?

edited Apr 3 '14 at 12:16

asked Apr 2 '14 at 23:25

rainereality

1871214

bumped to the homepage by Community♦ 9 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

add a comment |

What is the difference between tagging on the bridge vs a physical interface then adding that tagged interface onto the bridge?

Each scenario would look as follows:

Tagging on interface:

em1 -> em1.3 -> br0 -> vnet0 -> em1

em1 -> em1.4 -> br1 -> vnet1 -> em2

Tagging on bridge:

em1 -> br0 -> br0.3 -> vnet0 -> em1

em1 -> br0 -> br0.4 -> vnet1 -> em2

Is net effect the same?
Or is there some functional difference I'm missing here?

edited Apr 3 '14 at 12:16

asked Apr 2 '14 at 23:25

rainereality

1871214

bumped to the homepage by Community♦ 9 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

add a comment |

What is the difference between tagging on the bridge vs a physical interface then adding that tagged interface onto the bridge?

Each scenario would look as follows:

Tagging on interface:

em1 -> em1.3 -> br0 -> vnet0 -> em1

em1 -> em1.4 -> br1 -> vnet1 -> em2

Tagging on bridge:

em1 -> br0 -> br0.3 -> vnet0 -> em1

em1 -> br0 -> br0.4 -> vnet1 -> em2

Is net effect the same?
Or is there some functional difference I'm missing here?

edited Apr 3 '14 at 12:16

asked Apr 2 '14 at 23:25

rainereality

1871214

What is the difference between tagging on the bridge vs a physical interface then adding that tagged interface onto the bridge?

Each scenario would look as follows:

Tagging on interface:

em1 -> em1.3 -> br0 -> vnet0 -> em1

em1 -> em1.4 -> br1 -> vnet1 -> em2

Tagging on bridge:

em1 -> br0 -> br0.3 -> vnet0 -> em1

em1 -> br0 -> br0.4 -> vnet1 -> em2

Is net effect the same?
Or is there some functional difference I'm missing here?

linux vlan bridge

edited Apr 3 '14 at 12:16

asked Apr 2 '14 at 23:25

rainereality

1871214

edited Apr 3 '14 at 12:16

asked Apr 2 '14 at 23:25

rainereality

1871214

edited Apr 3 '14 at 12:16

asked Apr 2 '14 at 23:25

rainereality

1871214

asked Apr 2 '14 at 23:25

rainereality

1871214

asked Apr 2 '14 at 23:25

rainereality

1871214

bumped to the homepage by Community♦ 9 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

bumped to the homepage by Community♦ 9 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

add a comment |

1 Answer
1

active

oldest

votes

What is the difference between tagging on the bridge vs a physical
interface then adding that tagged interface onto the bridge?

The difference is that you may not want all the interfaces in the bridge to be tagged.

Is net effect the same? Or is there some functional difference I'm
missing here?

If you want all traffic traversing the bridge to be tagged, then there is no difference.

Convention, though, is to tag interfaces.

answered Apr 3 '14 at 0:02

EEAA

102k16148219

Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?

– rainereality
Apr 3 '14 at 1:43

add a comment |

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});

}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f586298%2flinux-bridges-tags-on-interface-vs-on-bridge%23new-answer', 'question_page');
}
);

Post as a guest

Name

Required, but never shown

1 Answer
1

active

oldest

votes

1 Answer
1

active

oldest

votes

What is the difference between tagging on the bridge vs a physical
interface then adding that tagged interface onto the bridge?

The difference is that you may not want all the interfaces in the bridge to be tagged.

Is net effect the same? Or is there some functional difference I'm
missing here?

If you want all traffic traversing the bridge to be tagged, then there is no difference.

Convention, though, is to tag interfaces.

answered Apr 3 '14 at 0:02

EEAA

102k16148219

Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?

– rainereality
Apr 3 '14 at 1:43

add a comment |

What is the difference between tagging on the bridge vs a physical
interface then adding that tagged interface onto the bridge?

The difference is that you may not want all the interfaces in the bridge to be tagged.

Is net effect the same? Or is there some functional difference I'm
missing here?

If you want all traffic traversing the bridge to be tagged, then there is no difference.

Convention, though, is to tag interfaces.

answered Apr 3 '14 at 0:02

EEAA

102k16148219

Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?

– rainereality
Apr 3 '14 at 1:43

add a comment |

What is the difference between tagging on the bridge vs a physical
interface then adding that tagged interface onto the bridge?

The difference is that you may not want all the interfaces in the bridge to be tagged.

Is net effect the same? Or is there some functional difference I'm
missing here?

If you want all traffic traversing the bridge to be tagged, then there is no difference.

Convention, though, is to tag interfaces.

answered Apr 3 '14 at 0:02

EEAA

102k16148219

What is the difference between tagging on the bridge vs a physical
interface then adding that tagged interface onto the bridge?

The difference is that you may not want all the interfaces in the bridge to be tagged.

Is net effect the same? Or is there some functional difference I'm
missing here?

If you want all traffic traversing the bridge to be tagged, then there is no difference.

Convention, though, is to tag interfaces.

answered Apr 3 '14 at 0:02

EEAA

102k16148219

answered Apr 3 '14 at 0:02

EEAA

102k16148219

answered Apr 3 '14 at 0:02

EEAA

102k16148219

answered Apr 3 '14 at 0:02

EEAA

102k16148219

Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?

– rainereality
Apr 3 '14 at 1:43

add a comment |

Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?

– rainereality
Apr 3 '14 at 1:43

Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?

– rainereality
Apr 3 '14 at 1:43

add a comment |

draft saved

draft discarded

Thanks for contributing an answer to Server Fault!

Please be sure to answer the question. Provide details and share your research!

But avoid …

Asking for help, clarification, or responding to other answers.

Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Name

Required, but never shown

Name

Required, but never shown

This page is only for reference, If you need detailed information, please check here

搜尋此網誌

Ryfujk