[libvirt-users] Adding a VLAN tag to a libvirt SR-IOV VF network using the "virsh net-update" command

Laine Stump laine at redhat.com
Wed Aug 1 21:06:56 UTC 2018 

On 07/11/2018 12:33 AM, Yegappan Lakshmanan wrote:
> Hi all,
> 
> How do you add a VLAN tag to a libvirt SR-IOV VF network using
> the "virsh net-update" command? I couldn't find the section to pass
> to the "virsh net-update" command to add the VLAN tag.
> 
> I have the following libvirt network defined for a SR-IOV VF:
> 
> <network>
>   <name>GE0-0-SRIOV-1</name>
>   <uuid>7bc67166-c78e-4bcf-89ee-377dd9086631</uuid>
>   <forward mode='hostdev' managed='yes'>
>     <driver name='vfio'/>
>     <address type='pci' domain='0x0000' bus='0x02' slot='0x10'
> function='0x0'/>
>   </forward>
> </network>
> 
> I am trying to add VLAN 100 to this network. If I use the following
> command to
> add a VLAN tag to this network:
> 
> virsh net-update GE0-0-SRIOV-1 modify bridge --xml "<vlan
> trunk='no'><tag id='100'/></vlan>">
> It fails as the section "bridge" doesn't support adding a VLAN tag.

Right. Because the <vlan> element in a network is not a part of the
<bridge> element. It is a separate element all its own. the net-update
command only supports updating a few very specific parts of the network
definition, and the vlan element isn't one of those that's supported.


> I
> have tried
> other section values like domain and all of them fail.

I don't remember the chronology, but it's very likely that support for
net-update was added before vlan tagging was supported, and that
net-update support for it was either forgotten or deemed impractical to
implement when vlan tag support was later added.

> 
> I am able to add the VLAN to the portgroup section, but then the VLAN
> configuration
> is not propagated to the underlying physical PF interface.

Aha! This can be used to work around the absence of support for changing
the <vlan> element directly under <network>.

If the guest has "portgroup='blah'" in it's interface <source> element
(or if the <portgroup> you change has "default='yes'", then any guest
that is started after adding the portgroup should use the new vlan tag.
However, the pre-existing interfaces of pre-existing guests will not
have their vlan tag changed.

> 
> If I manually add the VLAN configuration using the "virsh net-edit"
> command and
> then connect a VM to this network, then the VLAN information is
> correctly propagated
> to the underlying physical NIC device.

Note that "virsh net-edit blah" is functionally the same as:

  virsh net-dumpxml blah --inactive >/tmp/blah.xml
  [modify /tmp/blah.xml]
  virsh net-define /tmp/blah.xml

(and of course you'll have to net-destroy / net-start the network for
the changes to take effect).

> I need a way to automate this
> configuration.
> 
> Any pointers?
> 
> Thanks,
> Yegappan
> 
> 
> 
> _______________________________________________
> libvirt-users mailing list
> libvirt-users at redhat.com
> https://www.redhat.com/mailman/listinfo/libvirt-users
>

More information about the libvirt-users mailing list