Opened 8 years ago
Last modified 7 years ago
#16233 new defect
Vbox bridge loses outer QinQ tag — at Initial Version
| Reported by: | Arc | Owned by: | |
|---|---|---|---|
| Component: | network | Version: | VirtualBox 5.1.10 |
| Keywords: | qinq tag tap | Cc: | |
| Guest type: | Linux | Host type: | Linux |
Description
Virtualox bridge loses outer QinQ tag if bridged with Linux TAP interface
Steps to reproduce:
1) Install OS Linux on PC.
In my case: Ubuntu 14.04.5 kernel 4.2.0-42-generic X86_64
2) Install Virtualbox ( in my case ver. 5.1.10 r112026 (Qt5.6.1) ) from http://download.virtualbox.org/virtualbox/5.1.10/virtualbox-5.1_5.1.10-112026~Ubuntu~trusty_amd64.deb
3) Download and install guest Linux OS.
In my case Ubuntu 16.04.01 (http://releases.ubuntu.com/16.04/ubuntu-16.04.1-server-i386.iso)
4) On host system create tap interface: {{ ip tuntap add dev tap10 mode tap ip link set dev tap10 up }} 5) In guest VM netwrok settings set network adapter to "bridge" mode to interface tap10
vboxmanage modifyvm TESTVM --nic2 bridged vboxmanage modifyvm TESTVM --bridgeadapter2 tap10
All other network settings may be set to default. I tried to change the "adapter type" and "promiscuous mode". Their change does not change the result.
6) Create QINQ subinterface on host interface tap10 with inner vlan 2000 and outer vlan 100 and set ip address (type of protocol 802.1q or 802.1ad not important. This change does not change the result):
ip link add link tap10 tap10.100 type vlan proto 802.1q id 100 ip link set up tap10.100 ip link add link tap10.100 tap10.100.2000 type vlan proto 802.1q id 2000 ip link set up tap10.100.2000 ip addr add 10.11.12.1/24 dev tap10.100.2000
7) Start up guest VM and determine which interface bridged with tap10
In my case this is a enp0s8
8) Create QINQ subinterface on VM interface which bridged with tap10 with inner vlan 2000 and outer vlan 100 and set ip address (type of protocol 802.1q or 802.1ad not important. This change does not change the result):
ip link set up enp0s8 ip link add link enp0s8 enp0s8.100 type vlan proto 802.1q id 100 ip link set up enp0s8.100 ip link add link enp0s8.100 enp0s8.100.2000 type vlan proto 802.1q id 2000 ip link set up enp0s8.100.2000 ip addr add 10.11.12.2/24 dev enp0s8.100.2000
9) start watch for traffic on host PC on tap10 interface:
tcpdump -i tap10 -vvv -e
for creating pcap file
tcpdump -i tap10 -vvv -e -w qinqPC.pcap
10) start watch for traffic in guest VM on "physical" interface:
tcpdump -i enp0s8 -vvv -e
for creating pcap file
tcpdump -i enp0s8 -vvv -e -w qinqVM.pcap
11) Try to ping 10.11.12.2 from 10.11.12.1 (Host PC => Guest VM)
ping 10.11.12.2
12) You should get the following results: on physical PC (tap10):
21:22:06.345997 f6:4e:f0:31:76:45 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 50: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.2 tell 10.11.12.1, length 28 21:22:07.346093 f6:4e:f0:31:76:45 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 50: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.2 tell 10.11.12.1, length 28 21:22:08.346032 f6:4e:f0:31:76:45 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 50: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.2 tell 10.11.12.1, length 28
on VM (enp0s8):
21:30:21.737754 f6:4e:f0:31:76:45 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 64: vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.2 tell 10.11.12.1, length 46 21:30:22.738035 f6:4e:f0:31:76:45 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 64: vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.2 tell 10.11.12.1, length 46 21:30:23.737981 f6:4e:f0:31:76:45 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 64: vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.2 tell 10.11.12.1, length 46
As seen, on VM side is missing outer vlan (vlan 100)
If a try to ping from VM to PC the outer vlan in right place only in ARP request. In ARP reply (PC -> VM) the outer vlan is missing. on physical PC:
21:35:12.342498 08:00:27:5d:26:01 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 64: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.1 tell 10.11.12.2, length 42 21:35:12.342501 08:00:27:5d:26:01 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 64: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.1 tell 10.11.12.2, length 42 21:35:12.342521 f6:4e:f0:31:76:45 (oui Unknown) > 08:00:27:5d:26:01 (oui Unknown), ethertype 802.1Q (0x8100), length 50: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.11.12.1 is-at f6:4e:f0:31:76:45 (oui Unknown), length 28 21:35:13.343489 08:00:27:5d:26:01 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 64: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.1 tell 10.11.12.2, length 42 21:35:13.343495 08:00:27:5d:26:01 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 64: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.1 tell 10.11.12.2, length 42 21:35:13.343516 f6:4e:f0:31:76:45 (oui Unknown) > 08:00:27:5d:26:01 (oui Unknown), ethertype 802.1Q (0x8100), length 50: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.11.12.1 is-at f6:4e:f0:31:76:45 (oui Unknown), length 28
on VM:
21:35:10.614413 08:00:27:5d:26:01 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 50: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.1 tell 10.11.12.2, length 28 21:35:10.614556 f6:4e:f0:31:76:45 (oui Unknown) > 08:00:27:5d:26:01 (oui Unknown), ethertype 802.1Q (0x8100), length 64: vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.11.12.1 is-at f6:4e:f0:31:76:45 (oui Unknown), length 46 21:35:11.615368 08:00:27:5d:26:01 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 50: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.1 tell 10.11.12.2, length 28 21:35:11.615549 f6:4e:f0:31:76:45 (oui Unknown) > 08:00:27:5d:26:01 (oui Unknown), ethertype 802.1Q (0x8100), length 64: vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.11.12.1 is-at f6:4e:f0:31:76:45 (oui Unknown), length 46 21:35:12.615063 08:00:27:5d:26:01 (oui Unknown) > Broadcast, ethertype 802.1Q (0x8100), length 50: vlan 100, p 0, ethertype 802.1Q, vlan 2000, p 0, ethertype ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.11.12.1 tell 10.11.12.2, length 28
It does not look as a TAP bug. If a try to bridge two tap interface via linux bridge, and create QINQ subinterfaces for each of them, this problem does not appear.
PCAP-s from VM and PC (qinqVM.pcap and qinqPC.pcap) in attachement.
Thanks in advance!


PCAP-s from VM