LinuxQuestions.org - Problem with a Bridge and TUN & Vlan interfaces attached

Hello,

i have two dedicated server with two public ip.
My dedicated provider has configured a vlan on tag 2019 between those two servers.

So i have my physical hosts configured like this :

PHYHOST1
eth0 :
address : my.pub.lic.ip
gw : my.provider.gate.way

vlan2019 (attached to eth0 like this eth0.2019):
address : 192.168.0.1

PHYHOST2
eth0 :
address : another.pub.lic.ip
gw : my.provider.gate.way

vlan2019 (attached to eth0 like this eth0.2019):
address : 192.168.0.2

now, pinging PHYHOST1 to PHYHOST2 on public ip and vlan ip is ok ie :
PHYHOST1# ping 192.168.0.2
64 bytes from 192.168.0.2: icmp_seq=1 ttl=63 time=0.273 ms

from host2 to host1 is ok too. Si my vlan seems to work correctly.

After that i setup this thing on PHYHOST1

PHYHOST1 :
eth0 :
address : my.pub.lic.ip
gw : my.provider.gate.way

vlan2019 (attached to eth0 like this eth0.2019):
address : null

br0 :
address : 192.168.0.1
tap0:
address : null

PHYHOST1# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.525400123456 no vlan2019
tap0

So here, i create a bridge with vlan2019 and a tap interface connected. I remove the ip address for vlan and put it on the bridge.

Everything's working fine.

Code:

PHYHOST1# ifconfig

br0      Lien encap:Ethernet  HWaddr 00:30:48:bd:ee:42  

          inet adr:192.168.0.1  Bcast:192.168.0.255 Masque:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1





eth0      Lien encap:Ethernet  HWaddr 00:30:48:bd:ee:42  

          inet adr:public.ip.add.ress  Bcast:94.23.237.255 Masque:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1





lo        Lien encap:Boucle locale  

          inet adr:127.0.0.1  Masque:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1





tap0      Lien encap:Ethernet  HWaddr 52:54:00:12:34:56  

          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1





vlan2019  Lien encap:Ethernet  HWaddr 00:30:48:bd:ee:42  

          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1

(i removed TX, RX infos etc for readability)

Code:

PHYHOST1# route

Destination    Passerelle      Genmask        Indic Metric Ref    Use Iface

192.168.0.0    *              255.255.255.0  U    0      0        0 br0

pub.ip.add.ress    *              255.255.255.0  U    0      0        0 eth0

loopback        *              255.0.0.0      U    0      0        0 lo

default        pub.ip.add.ress  0.0.0.0        UG    0      0        0 eth0

And a ping is OK like before the bridge

Code:

PHYHOST1# ping 192.168.0.2

64 bytes from 192.168.0.2: icmp_seq=1 ttl=63 time=0.253 ms

So the packet are going correctly through the bridge to the vlan2019 and are transported correctly on the physical link connected to eth0.

And now i want to connect a VM on this bridge. The goal is to have this VM connected to the vlan network, so i can access it directly from any physical or virtual host connected the vlan.
So i want to attach 192.168.0.3 to my VM NIC and be able to ping any other machine on the vlan.

So as previously said i added vlan2019 and tap0 interface to the bridge.
I'm running a KVM virtual machine with this in my starting command

Code:

-net nic,model=virtio,macaddr=08:ef:50:b5:bd:03 -net tap,ifname=tap0,script=no,downscript=no

I then configure my VM with those parameters
eth0 :
address : 192.168.0.3
gateway : 192.168.0.1

(i configure tap interface with VM a lots of time without any problem before)

In my VM i can ping 192.168.0.1 (br0 ip address) but i can't ping 192.168.0.2 (PHYHOST2).
ON PHYSHOST1, i can ping PHYHOST2, VM (192.168.0.3), and myself (192.168.0.1).

So, how can i have my packet going from tap0 on br0 outgoing through vlan2019 to PHYHOST2. How can any packet going in this bridge be routed correctly.

On my PHYHOST1 (with bridge and virtualisation) i hve ip_forward enabled.

Does anybody has any clue on this ?

thanks in advance