Subject: xen2 and VLANs (again)
To: None <port-xen@netbsd.org>
From: Chris Brookes <cbrookes@gmail.com>
List: port-xen
Date: 12/10/2007 23:08:27
I have done some searching and I've read a couple of threads on VLANs
with Xen  but I'm still not sure I can do what I want to do.

Here's what I have now:

DOM0:
bridge0: vr0 interface,xvif1.1,xvif2.1,xvif3.1 (private net dom-u)
bridge1: vr1 interface, xvif4.1, xvif5.1, xbif6.1 (public net dom-u)

I was wanting to have my DOM0 run another dom-u for a third network I
have. Initially I thought  I'd just attach another NIC, make a third
bridge, and follow the same scheme as above. But then I realized I'd
have to BUY another NIC. My vr0 and vr1 are cabled to unique vlans on
the same physical switch, and my switch supports 802.1Q. Seems like I
should be making use of this now. Is it as simple as this:

DOM0:

vr0 - vlan0 interface
vr0 - vlan1 interface
vr0 - vlan2 interface

bridge0: vlan0, xvif1.1,xvif2.1,xvif3.1
bridge1: vlan1, xvif4.1, xvif5.1, xbif6.1
bridge2: vlan2, xvif7.1

I need dom-0 to be reachable by IP from vlan0, but I dont need or want
dom-0 to be reachable from vlan1 or vlan2. I will need all dom-u's to
be able to reach each other, and assuming layer 3 permits, should
there be an issue? I thought I read that I couldn't have a vlan
interface in a bridge, but maybe I read it wrong.

Regarding MTU, I didn't seem vr listed in vlan(4) as supporting the
increased size for 1q frames. If it's not a simple patch (I saw one
for OpenBSD) where would I be adjusting the MTU, on the Dom-U xennet
configurations?

Sorry if this is all old news but I wanted to be a bit more confident
about the approach before touching my rock solid system!

C