Linux Bridges - Tags on interface vs. on bridgeNAT and two bridgesMultiple, different VLAN trunks to KVM...
What is better: yes / no radio, or simple checkbox?
How to kill a localhost:8080
Can a space-faring robot still function over a billion years?
The need of reserving one's ability in job interviews
At what level can a party fight a mimic?
Difference between 'stomach' and 'uterus'
Non-Italian European mafias in USA?
Citing contemporaneous (interlaced?) preprints
What does @RC mean in SSDT SQL Server Unit Testing?
How to evaluate the limit where something is raised to a power of x?
Why do members of Congress in committee hearings ask witnesses the same question multiple times?
Misplaced tyre lever - alternatives?
Rationale to prefer local variables over instance variables?
How do you say "powers of ten"?
Is it possible to make a clamp function shorter than a ternary in JS?
How to substitute values from a list into a function?
What is this waxed root vegetable?
Sometimes a banana is just a banana
How to make a *empty* field behaves like a *null* field when it comes to standard values?
Giving a talk in my old university, how prominently should I tell students my salary?
How do I deal with being jealous of my own players?
Are paired adjectives bad style?
Get length of the longest sequence of numbers with the same sign
Can I become debt free or should I file for bankruptcy? How do I manage my debt and finances?
Linux Bridges - Tags on interface vs. on bridge
NAT and two bridgesMultiple, different VLAN trunks to KVM guests (Linux)KVM virtualization with two bridges, want routing to use each bridge as mapped in KVMBridging multiple VLANs in linuxCan a single physical interface act as a “slave” for multiple bridge interfaces?IP conflict on a KVM bridge network connectionKVM/libvirt: Guest monopolizes bridgesplitting tagged and untagged traffic to bridges on KVMlinux firewall as a router in CentOS 7Linux Security - Systemd-networkd (Clear Linux) - Topolgy of bridge interfaces (br0/br1)
What is the difference between tagging on the bridge vs a physical interface then adding that tagged interface onto the bridge?
I'm assuming if I want two total VLANs segmenting network traffic to guests on KVM. I don't want the guests seeing the tag, I just want the VLANs to segregate traffic through the interfaces. Meaning the guests should not see the tags (unless packets are double-tagged).
Each scenario would look as follows:
Tagging on interface:
em1 -> em1.3 -> br0 -> vnet0 -> em1
em1 -> em1.4 -> br1 -> vnet1 -> em2
Tagging on bridge:
em1 -> br0 -> br0.3 -> vnet0 -> em1
em1 -> br0 -> br0.4 -> vnet1 -> em2
Is net effect the same?
Or is there some functional difference I'm missing here?
EDIT: I've been reading (http://blog.davidvassallo.me/2012/05/05/kvm-brctl-in-linux-bringing-vlans-to-the-guests/), and it seems like tagging on physical interfaces (em1.3) causes linux to strip the tag prior to it sending it off to the bridge. Whereas tagging on the bridge just passes the tagged traffic through. True? If not, where is the tagged stripped/added?
linux vlan bridge
asked Apr 2 '14 at 23:25
rainerealityrainereality
1871214
bumped to the homepage by Community♦ 9 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
What is the difference between tagging on the bridge vs a physical interface then adding that tagged interface onto the bridge?
I'm assuming if I want two total VLANs segmenting network traffic to guests on KVM. I don't want the guests seeing the tag, I just want the VLANs to segregate traffic through the interfaces. Meaning the guests should not see the tags (unless packets are double-tagged).
Each scenario would look as follows:
Tagging on interface:
em1 -> em1.3 -> br0 -> vnet0 -> em1
em1 -> em1.4 -> br1 -> vnet1 -> em2
Tagging on bridge:
em1 -> br0 -> br0.3 -> vnet0 -> em1
em1 -> br0 -> br0.4 -> vnet1 -> em2
Is net effect the same?
Or is there some functional difference I'm missing here?
EDIT: I've been reading (http://blog.davidvassallo.me/2012/05/05/kvm-brctl-in-linux-bringing-vlans-to-the-guests/), and it seems like tagging on physical interfaces (em1.3) causes linux to strip the tag prior to it sending it off to the bridge. Whereas tagging on the bridge just passes the tagged traffic through. True? If not, where is the tagged stripped/added?
linux vlan bridge
asked Apr 2 '14 at 23:25
rainerealityrainereality
1871214
bumped to the homepage by Community♦ 9 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
What is the difference between tagging on the bridge vs a physical interface then adding that tagged interface onto the bridge?
I'm assuming if I want two total VLANs segmenting network traffic to guests on KVM. I don't want the guests seeing the tag, I just want the VLANs to segregate traffic through the interfaces. Meaning the guests should not see the tags (unless packets are double-tagged).
Each scenario would look as follows:
Tagging on interface:
em1 -> em1.3 -> br0 -> vnet0 -> em1
em1 -> em1.4 -> br1 -> vnet1 -> em2
Tagging on bridge:
em1 -> br0 -> br0.3 -> vnet0 -> em1
em1 -> br0 -> br0.4 -> vnet1 -> em2
Is net effect the same?
Or is there some functional difference I'm missing here?
EDIT: I've been reading (http://blog.davidvassallo.me/2012/05/05/kvm-brctl-in-linux-bringing-vlans-to-the-guests/), and it seems like tagging on physical interfaces (em1.3) causes linux to strip the tag prior to it sending it off to the bridge. Whereas tagging on the bridge just passes the tagged traffic through. True? If not, where is the tagged stripped/added?
linux vlan bridge
asked Apr 2 '14 at 23:25
rainerealityrainereality
1871214
What is the difference between tagging on the bridge vs a physical interface then adding that tagged interface onto the bridge?
I'm assuming if I want two total VLANs segmenting network traffic to guests on KVM. I don't want the guests seeing the tag, I just want the VLANs to segregate traffic through the interfaces. Meaning the guests should not see the tags (unless packets are double-tagged).
Each scenario would look as follows:
Tagging on interface:
em1 -> em1.3 -> br0 -> vnet0 -> em1
em1 -> em1.4 -> br1 -> vnet1 -> em2
Tagging on bridge:
em1 -> br0 -> br0.3 -> vnet0 -> em1
em1 -> br0 -> br0.4 -> vnet1 -> em2
Is net effect the same?
Or is there some functional difference I'm missing here?
EDIT: I've been reading (http://blog.davidvassallo.me/2012/05/05/kvm-brctl-in-linux-bringing-vlans-to-the-guests/), and it seems like tagging on physical interfaces (em1.3) causes linux to strip the tag prior to it sending it off to the bridge. Whereas tagging on the bridge just passes the tagged traffic through. True? If not, where is the tagged stripped/added?
linux vlan bridge
linux vlan bridge
asked Apr 2 '14 at 23:25
rainerealityrainereality
1871214
asked Apr 2 '14 at 23:25
rainerealityrainereality
1871214
edited Apr 3 '14 at 12:16
rainereality
asked Apr 2 '14 at 23:25
rainerealityrainereality
1871214
asked Apr 2 '14 at 23:25
rainerealityrainereality
1871214
asked Apr 2 '14 at 23:25
rainerealityrainereality
1871214
1871214
bumped to the homepage by Community♦ 9 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ 9 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
What is the difference between tagging on the bridge vs a physical
interface then adding that tagged interface onto the bridge?
The difference is that you may not want all the interfaces in the bridge to be tagged.
Is net effect the same? Or is there some functional difference I'm
missing here?
If you want all traffic traversing the bridge to be tagged, then there is no difference.
Convention, though, is to tag interfaces.
answered Apr 3 '14 at 0:02
EEAAEEAA
102k16148219
Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?
– rainereality
Apr 3 '14 at 1:43
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f586298%2flinux-bridges-tags-on-interface-vs-on-bridge%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
What is the difference between tagging on the bridge vs a physical
interface then adding that tagged interface onto the bridge?
The difference is that you may not want all the interfaces in the bridge to be tagged.
Is net effect the same? Or is there some functional difference I'm
missing here?
If you want all traffic traversing the bridge to be tagged, then there is no difference.
Convention, though, is to tag interfaces.
answered Apr 3 '14 at 0:02
EEAAEEAA
102k16148219
Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?
– rainereality
Apr 3 '14 at 1:43
add a comment |
What is the difference between tagging on the bridge vs a physical
interface then adding that tagged interface onto the bridge?
The difference is that you may not want all the interfaces in the bridge to be tagged.
Is net effect the same? Or is there some functional difference I'm
missing here?
If you want all traffic traversing the bridge to be tagged, then there is no difference.
Convention, though, is to tag interfaces.
answered Apr 3 '14 at 0:02
EEAAEEAA
102k16148219
Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?
– rainereality
Apr 3 '14 at 1:43
add a comment |
What is the difference between tagging on the bridge vs a physical
interface then adding that tagged interface onto the bridge?
The difference is that you may not want all the interfaces in the bridge to be tagged.
Is net effect the same? Or is there some functional difference I'm
missing here?
If you want all traffic traversing the bridge to be tagged, then there is no difference.
Convention, though, is to tag interfaces.
answered Apr 3 '14 at 0:02
EEAAEEAA
102k16148219
What is the difference between tagging on the bridge vs a physical
interface then adding that tagged interface onto the bridge?
The difference is that you may not want all the interfaces in the bridge to be tagged.
Is net effect the same? Or is there some functional difference I'm
missing here?
If you want all traffic traversing the bridge to be tagged, then there is no difference.
Convention, though, is to tag interfaces.
answered Apr 3 '14 at 0:02
EEAAEEAA
102k16148219
answered Apr 3 '14 at 0:02
EEAAEEAA
102k16148219
answered Apr 3 '14 at 0:02
EEAAEEAA
102k16148219
answered Apr 3 '14 at 0:02
EEAAEEAA
102k16148219
102k16148219
Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?
– rainereality
Apr 3 '14 at 1:43
add a comment |
Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?
– rainereality
Apr 3 '14 at 1:43
Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?
– rainereality
Apr 3 '14 at 1:43
Are you saying that if I go em1.3 it will strip the tag prior to shipping the traffic off through to the bridge?
– rainereality
Apr 3 '14 at 1:43
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f586298%2flinux-bridges-tags-on-interface-vs-on-bridge%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
