vlan in combination with bhyve not working

Nobody2222

Cadet
Joined
Oct 13, 2019
Messages
2
Hello all,

I have a problem using VLANs in combination with bhyve. I found a few reports also describing VLAN problems, but in some cases they look different.

My problem:
The VM receives an IP address from the DHCP server, but the VM is not able to communicate with devices outside of the physical host network located in the same VLAN.

Here my setup:
- Intel NIC with one untagged and two tagged networks (202 + 203)
- VLAN interfaces created using the GUI
- Switch configured to tag VLANs 202 + 203
- Created a VM (Windows / Linux) with one assigned network interface (202)

Already tested:
- The VM receives an IP from the router and VLAN.
- I see the MAC of the VM on the switch, in the correct VLAN
- With ifconfig on FreeNAS, I see the bridge for the VLAN, containing the VLAN interface and the TAP created for the VM
- A second VM with the same VLAN on the same host also receives an IP and is reachable from the other VM
- If DHCP is enabled for the host VLAN interface, it receives an IP. This IP is also reachable from the VM.
- From the host I can ping the router in the VLAN and the VM in the VLAN, but the VM reaches only targets on the same host
- I used a second network interface with only tagged networks. No change
- I tried a tagged interface in the VM. With this it will not receive an IP address
- If the VM is assigned to an untagged network, everything is fine

For me it looks like there is no traffic on layer 3 from the VM to the network.

Thanks for your support and ideas.

Best regards

Stefan
 

Nobody2222

Hi,


Actually I have a combination which is stable.

I have defined the "hardware" NIC without any IP, then added a VLAN interface on this NIC for every network (also for the former untagged network).
From the switch all networks are delivered tagged, without any untagged network coming from the switch.
The former untagged network is now VLAN1 and has a static IP to access FreeNAS; the rest is assigned to VMs.


A few additional results:
In the former configuration, I had a bridge for every VLAN and the untagged network. Using tcpdump I was surprised to see ARP requests of the VM connected to a VLAN in the bridge assigned to the untagged network. I had expected these requests on the bridge connected to the VLAN.

Before, I tested a similar (only tagged VLANs on the interface) configuration with a second NIC, without success. In this case I had only shifted the planned VLANs and still an untagged network (1) coming from the switch to the second interface. There was no IP on the interface, but with activated untagged VLAN from the switch it was not working.
I killed the network connection many times to find this.

For testing I added a second NIC in a different untagged network, so I was able to test without connecting a keyboard or monitor.
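
A check for the layout described in this thread, as an added example that is not part of the original posts: it parses FreeBSD `ifconfig` output and flags a VLAN parent NIC that also has an IP address or is itself a bridge member, the mixed tagged/untagged arrangement the poster moved away from. The sample output, the interface names and the `parse_ifconfig` and `audit` functions are constructed for illustration.

```python
import re

# Constructed sample of FreeBSD `ifconfig` output (not taken from the thread):
# em0 has an IP, is a member of bridge0 (untagged) and is the parent of vlan202.
SAMPLE = """\
em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tinet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255
vlan202: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tvlan: 202 vlanpcp: 0 parent interface: em0
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tmember: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
\tmember: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
bridge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tmember: vlan202 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
\tmember: tap1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
"""

def parse_ifconfig(text):
    """Map interface name -> its IPv4 addresses, VLAN parent and bridge members."""
    ifaces, cur = {}, None
    for line in text.splitlines():
        if m := re.match(r"(\S+): flags=", line):
            cur = ifaces.setdefault(m.group(1), {"inet": [], "parent": None, "members": []})
        elif cur is None:
            continue
        elif m := re.match(r"\s+inet (\S+)", line):
            cur["inet"].append(m.group(1))
        elif m := re.search(r"parent interface: (\S+)", line):
            cur["parent"] = m.group(1)
        elif m := re.match(r"\s+member: (\S+)", line):
            cur["members"].append(m.group(1))
    return ifaces

def audit(text):
    """Flag VLAN parent NICs that also carry untagged traffic themselves."""
    ifaces = parse_ifconfig(text)
    bridge_of = {m: b for b, i in ifaces.items() for m in i["members"]}
    parents = {i["parent"] for i in ifaces.values() if i["parent"] not in (None, "<none>")}
    findings = []
    for nic in sorted(parents):
        if ifaces.get(nic, {}).get("inet"):
            findings.append((nic, "has-ip"))
        if nic in bridge_of:
            findings.append((nic, "bridged-untagged:" + bridge_of[nic]))
    return findings

if __name__ == "__main__":
    for nic, reason in audit(SAMPLE):
        print(f"{nic}: {reason}")
```

On a real host, feed `audit()` the text of `ifconfig` instead of `SAMPLE`; an empty result matches the stable layout from the second post, where the parent NIC has no IP and every network arrives tagged.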
 