1 bridge - 1 vNIC - Multi VLAN

Question

I have an issue that I can't resolve since a few weeks... I present to you the configuration for understanding:

I have a NAS Qnap that it makes Virtualization (qemy/kvm). The OS of the Qnap is CentOS. The Qnap is connected to a Switch (Cisco) with VLAN. On Cisco, no problem, it runs fine (VLAN or other)... On the Qnap Virtualization, I put an ESXi (Nested). It's ok too.

The configuration on the Qnap by default :

Eth0 - vlan 100 - 192.168.100.253

I created a vSwitch1 (Bridge) on the interface eth0 (192.168.100.253) and put the vNIC of the ESXi (vnet0). So :

vswitch1 = qvs0.................Eth0 => that creates Eth0.100

When I run the command brctl, I have this :

bridge name     bridge id               STP enabled     interfaces
qvs0            8000.00089bfaa4e6       yes             eth0.100
                                                        vnet0

Ok, now the configuration where I want to go is :

QNAP (vlan).....Bridge.........Hypervisor (vnic)..............vlan 

.........................................................| => vlan 20

Eth0 (100)......qvs0...........ESXI (vlan 10): vnet0.....| => vlan 30

.........................................................| => vlan 40

..........192.168.100.253......192.168.10.253............192.168.20.253

.........................................................192.168.30.253                                                                        

.........................................................192.168.40.253

Then, I creates a script at startup of the Qnap :

# ----------------------------------#
#                                   #                       
#!/bin/sh                           #                       
#                                   #                       
# /etc/config/autorun.sh            #
#                                   #                       
# ----------------------------------#

ip link set eth0 txqueuelen 10000
echo 1 > /proc/sys/net/ipv4/tcp_rfc1337
echo 2 > /proc/sys/net/ipv4/tcp_frto
echo 1 > /proc/sys/net/ipv4/tcp_mtu_probing
echo 1 > /proc/sys/net/ipv4/tcp_window_scaling
echo 1 > /proc/sys/net/ipv4/tcp_workaround_signed_windows
echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse
echo 0 > /proc/sys/net/ipv4/tcp_tw_recycle
echo 1 > /proc/sys/net/ipv4/tcp_low_latency
echo 1 > /proc/sys/net/ipv4/tcp_ecn

# vlan 10 ********************

ip link add link eth0 name eth0.10 type vlan id 10
ip link set eth0.10 mtu 1500


# vlan 20 ********************

ip link add link eth0 name eth0.20 type vlan id 20
ip link set eth0.20 mtu 1500


# vlan 30 ********************

ip link add link eth0 name eth0.30 type vlan id 30
ip link set eth0.30 mtu 1500


# vlan 40 ********************

ip link add link eth0 name eth0.40 type vlan id 40
ip link set eth0.40 mtu 1500


ip link set dev eth0.10 up
ip link set dev eth0.20 up
ip link set dev eth0.30 up
ip link set dev eth0.40 up

/sbin/brctl addif qvs0 eth0.100 eth0.10 eth0.20 eth0.30 eth0.40 vnet0

The problem is it doesn't work. I can't access to vlan 10, 20, 30 or 40... When the NAS reboots and that script runs, I loose all (no ping, no access to the entire NAS)... I don't know where is the problem at all....

I hope it's clear for you...

Thanks a lot for your help

Inter-Rupteur

Answer 1

The QNAP (likely) doesn't run CentOS but QNAP's own Linux flavor. QNAP doesn't properly support VLAN tagging - officially supported, you can only tag or not-tag but subinterfaces don't work (which is ridiculous). From the console, you could enable VLANs but that's likely to break when updates are installed or even when the NAS is rebooted.

The nested ESXi host with its virtual NIC doesn't get the functionality required to make VLAN tagging work across to the physical NIC . You'll need to run the ESXi on a platform supporting VLANs properly or make the QNAP work with VLANs. Additionally, you'd need to configure the ESXi vNIC to support VLANs. My advice is to use better a suited platform.