Re: Combining bridging, 802.1q, and tap

From: Chris Adams
Date: Wed Apr 15 2009 - 22:08:10 EST

Once upon a time, Garry Dolley <gdolley@xxxxxxxxxxxxxxx> said:
> On Wed, Apr 15, 2009 at 07:53:04PM -0500, Chris Adams wrote:
> > If I run tcpdump in the VM and ping from the VM, I see:
> >
> > 19:02:04.443160 00:04:61:4a:ee:27 > Broadcast, ethertype ARP (0x0806), length 42: arp who-has tell
> >
> >
> > I swear I saw tagged packets within the VM earlier. :-(
> Are you running tcpdump in the VM on eth2?


> If so, you won't see tagged packets on eth2.

Huh, I didn't realize that. I set up a different test, and you are
right (confusing, but correct).

However, if I (in the host) tcpdump tap2 or br2, the packets are
untagged there as well. So, either:

- they are not being tagged in the VM

- qemu-kvm is stripping the tag

- the tap interface is stripping the tag

> > Okay, if I watch eth2 and eth2.20 with the same tcpdump command as
> > above, I see incoming packets correctly. On eth2, I see the tag, and
> > then they show up on eth2.20 without the tag. It appears to only be a
> > problem with outbound packets not getting tagged (I see the same
> > untagged packets in the host with a tcpdump on tap2).
> Are you sure you see the tag on eth2? I woulda killed to see the
> tag on the physical int when doing my setup a few weeks ago.

I only see it on traffic from the LAN, but yes, I do see it there.

> I wonder if VLAN hardware acceleration has anything to do with it.

Is that something that can be turned on/off within the VM?

> Can you show a tcpdump on the host when pinging from inside the VM?

# tcpdump -s0 -e -n -i tap2
20:55:30.927645 00:04:61:4a:ee:27 > Broadcast, ethertype ARP (0x0806), length 42: arp who-has tell

# tcpdump -s0 -e -n -i br2
20:56:11.474010 00:04:61:4a:ee:27 > Broadcast, ethertype ARP (0x0806), length 42: arp who-has tell

Aha! Apparently, there's a fourth option to the above possible sources
of the problem:

- the 8139 driver (either in the VM kernel or qemu-kvm) is stripping the

I switched qemu-kvm to emulate an Intel i82557b (using e100 driver in
the VM), and it all works!

Thanks for letting me know it _should_ work and helping me think through
Chris Adams <cmadams@xxxxxxxxxx>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at