Connectity issues between VM and HOST on multiple vlans

microgradient · 01-26-2014, 07:37 AM

Good day!
Let me briefly desribe my topology::

Cisco switch (SW) -----------via trunk----------------host (Centos 6.5 x86_64)

About the switch:
On SW there are 2 vlans: 100 (172.16.100.0/24) and 1000 (192.168.1.0/24).
This switch passes vlan 100 with a tag, vlan 1000 untagged (native vlan) to the host machine.
Also on SW 2 vlan interfaces are configure: Vl100: 172.16.100.102, Vl1000: 192.168.1.102

About the host:

Code:

 Linux version 2.6.32-431.3.1.el6.x86_64 (mockbuild@c6b10.bsys.dev.centos.org) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-4) (GCC) ) #1 SMP Fri Jan 3 21:39:27 UTC 2014

One phy. nic: eth0. Any security features are turned off (iptables, selinux, arptables, ebtables ....); Routing is on.

Network config (some output details are skipped):

Code:

br0      Link encap:Ethernet  HWaddr 00:22:15:06:47:6E                                                        
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          ...
br0.100   Link encap:Ethernet  HWaddr 00:22:15:06:47:6E
          inet addr:172.16.100.1  Bcast:172.16.100.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          ...
eth0    Link encap:Ethernet  HWaddr 00:22:15:06:47:6E
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

So there is a bridge br0 with eth0 on it + vlan interface br0.100.
Connectivity between SW and the host is OK, i.e. two sides can access each other on both vlans (tagged 100 and untagged 1000).

Now Virtualbox is installed (4.3.6 r91406) and with 1 vm on it (centos 6.5 x86 minimal with iptables, selinux turned off). VMs network (eth0) is in Bridged mode with br0 on the host.

Network on the VM:

Code:

eth0:      Link encap:Ethernet  HWaddr 08:22:27:F3:EB:85                                                        
          inet addr:192.168.1.205  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
eth0.100   Link encap:Ethernet  HWaddr 08:22:27:F3:EB:85                                                        
          inet addr:172.16.1.205  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

As you can see I pass vlans directly to the vm and I need to achieve connectivity between sw, host and vm on both 2 vlans

So far connectivity between (on both vlans) HOST<---->SW is OK; SW<----->VM is also OK.

The problem is that [U]HOST itself cannot access VM on a tagged vlan[U].
That is if I ping 192.168.1.1 (host) or 192.168.1.102 (sw) from 192.168.1.205 (vm) it works.
If I ping 172.16.100.102 (sw) from 172.16.100.205 (vm) it also works.
But if I ping 172.16.100.1 (host) from 172.16.100.205 (vm) it does not work.
Vm broadcasts arp request for 172.16.100.1, host receives it, replies to it, but the answer never gets to vm.

Code:

[root@srv network-scripts]#  tcpdump -ne -i br0.100 -xx
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br0.100, link-type EN10MB (Ethernet), capture size 65535 bytes
15:39:17.862544 08:00:27:f3:eb:85 > Broadcast, ethertype ARP (0x0806), length 42: Request who-has 172.16.100.1 tell 172.16.100.111, length 28                                                                                 
        0x0000:  ffff ffff ffff 0800 27f3 eb85 0806 0001                                                       
        0x0010:  0800 0604 0001 0800 27f3 eb85 ac10 646f                                                       
        0x0020:  0000 0000 0000 ac10 6401                                                                      
15:39:17.862556 00:22:15:06:47:6e > 08:00:27:f3:eb:85, ethertype ARP (0x0806), length 42: Reply 172.16.100.1 is-at 00:22:15:06:47:6e, length 28                                                                               
        0x0000:  0800 27f3 eb85 0022 1506 476e 0806 0001                                                       
        0x0010:  0800 0604 0002 0022 1506 476e ac10 6401                                                       
        0x0020:  0800 27f3 eb85 ac10 646f

On vm

Code:

[root@localhost]#arp
...
172.16.100.1	ether 	incomplete		eth0.100
...

Clearly tagged vlan between host and vm is not passed.

What I have done so far:

1. Installed tap0, added to br0 in the network settings for vm selected tap0. Doing this vm can access host on both vlans, it can also sw on untagged vlan, but not tagged vlan. Again vm broadcasts arp request for 172.16.100.102 (sw), sw receives it and replies to it, but vm never gets that response. Wireshark on the host shows arp requests leaving eth0 (also br0), but no replies come in to even eth0 itself on the host, though debug on switch shows incoming arp requests and outgoing arp replies on vlan 100.

2. Chose different nic types on virtual box, but still no success.

Any ideas on how to achieve interconnectivity between se host and vm?
The issue is not related to VirtualBox only. The same is true with vmware or Gns3.
Thank you.