Subject: Re: Xen and VLANs
To: Manuel Bouyer <>
From: Johan Ihren <>
List: port-xen
Date: 01/06/2006 12:39:22
Hash: SHA1

Hi Manuel,

>> Any ideas anyone?
> I tried this too, and this doesn't work. The problem is with the way
> bridge and vlan works, once you have a brige packets will never be
> passed to the vlan interfaces (or the opposite, I don't remember).
> My workaround was to bridge the N vlan interface in dom0 (creating N
> xennet interface for each domU) instead of bridging the physical  
> interface
> and creating the vlans in each domU

Ho hum. I see.

I understand your workaround, but unfortunately it doesn't work for  
me because I actually need the physical interface to be bridged  
because that's the way I arrange remote login access to students  
(located at various desktops outside without any VLANs). Yes, I know  
it's messy to mix both tagged and untagged traffic over the same  
infrastructure, but that's the only solution I found.

Another alternative (vastly preferred from my POV) was if there was  
any way to connect to the domUs from the dom0 without involving the  
physical interface at all. I.e. if the dom0 also had one (or several)  
"virtual" xennetN, then everything would work out just fine with a  
cleaner design than both your workaround and my (non-functional)  

Would it be possible to add that?

A third alternative in my case would be to create an "admin domU"  
that replaces the dom0 for all communication with other domUs and  
then have the admin domU talk to the dom0 over an untagged  
connection. I knew that before posting in the first place, but that's  
a really, really kludgy solution that I'd like to avoid if at all  


Version: GnuPG v1.4.0 (Darwin)