common
common copied to clipboard
containers
VLAN support for bridge networks (multiple networks on the same bridge with different VLAN tags)
We use the linux bridge in VLAN-aware mode to interconnect different container/VMs (podman, libvirt, lxc, systemd-nspawn). To connect podman containers to a specific VLAN I use the CNI bridge plugin in L2-only vlan configuration.
We try to do the same w/o CNI. There are two things missing currently:
- Support multiple networks with the same
network_interfacebut differentvlansetting - Set the vlan on the veth link like:
sudo bridge vlan add vid 20 pvid untagged dev ...
I opened an issue for netavark but first part belongs to common/libnetwork:
1. podman create network
Currently, the podman network create already allows to set a vlan option:
$ podman network create -o 'com.docker.network.bridge.name=brint' \
-o vlan=20 --ipam-driver 'none' vlan20
results in /etc/containers/networks/vlan20.json
{
"name": "vlan20",
"driver": "bridge",
"network_interface": "brint",
"options": {
"vlan": "20" <---
},
"ipam_options": {
"driver": "none"
}
}
But it fails to create another network on the same bridge with different vlan tag:
$ podman network create -o 'com.docker.network.bridge.name=brint' \
-o vlan=30 --ipam-driver 'none' vlan30
Error: bridge name brint already in use
Relevant code is in libnetwork/internal/util/bridge.go#L16
