Something that has come up a bunch recently is how do I hand trunk ports to VMs in Ovirt/RHV and what are the pitfalls?
The short answer is, its very very easy. All you need to do is define a logical network and set the vNIC profile to No Network Filter. Like this guy here we called ‘trunk’
This would let you do your own tagging inside the VM on a nic set to the ‘trunk’ network. All well and good yes? So I can have a trunk port and do my own tagging and just create other logical networks for when I want Ovirt/RHV to do the tagging for me? Why did you even write this?
Well, we’re going to talk about the “VLAN Overlap Problem”. What is the VLAN Overlap Problem anyway? Lets say you have created VLAN 20. VLAN 20 is a great VLAN….THE BEST VLAN.
And you want some VMs to use VLAN 20 so you make a logical tagged network. Now lets say you have another VM that needs to use a lot of VLANs, so letting that VM do its own tagging makes sense right? And of course, you also will want to to use VLAN 20 on this trunk too. Well, depending on how you set your Ovirt/RHV hosts, you may encounter this VLAN Overlap Problem. The main cause of this issue is a very straight forward one. On your Ovirt/RHV hosts, if you assigned the VLAN 20 logical network and the ‘trunk’ port to the same interface this will not work. Lets look at this example from my lab:
You can see here that ‘trunk’ is on bond1 with a bunch of other tagged logical networks. I know, I know. OpenStack networks? In my Ovirt/RHV? What is that? I promise to get to that in another post. For now lets just focus on trying to use trunk on the storage network VLAN 83 (and we will just pretend its still 20. 20 is cool 83 is boring). What will happen? Well, because they are on the same interface bond1 we have nothing to pass that traffic between the trunk, which uses no filter, to VLAN 83 which is specifically being handled by the network filter. This is the VLAN Overlap Problem.
So how do we solve this? Well there are probably more than 2 ways but we’re going to lay out your options for the 2 main solves:
The first one is pretty straight forward. Put your logical vlan networks on one interface and put your trunk on another interface. If my lab machine had another interface created and wired up, say a bond2, then I could put my trunk network on bond2 and then we would not have this overlap issue. Why? Because now instead of being nothing to pass the traffic between the trunk and the tagged network on the same interface, the traffic would have to flow to a switch out of one interface and into the other thus solving the problem.
This is what I’ve done here and this is more of a compromise than a solution. The compromise is, only create logical tagged networks for VLANs you won’t use on the trunk network.
So now that I’ve told you what the problem is, how it happens, and basically what your best options are I am sure you have more questions. Why would you do this? How does this matter? Why are there OpenStack networks in Ovirt/RHV? Tune in next time for OpenStack virtualized control plane.