There is a frustrating lack of information on how to set up multiple VLAN interfaces on a KVM host out there. I made my way through it in production today with great applications of thud and blunder; here’s an example of a working 01-netcfg.yaml with multiple VLANs on a single (real) bridge interface, presenting as multiple bridges.
Everything feeds through properly so that you can bring KVM guests up on br0 for the default VLAN, br100 for VLAN 100, or br200 for VLAN 200. Adapt as necessary for whatever VLANs you happen to be using.
# This file describes the network interfaces available on your system # For more information, see netplan(5). network: version: 2 renderer: networkd ethernets: eno1: dhcp4: no dhcp6: no eno2: dhcp4: no dhcp6: no vlans: br0.100: link: br0 id: 100 br0.200: link: br0 id: 200 bridges: br0: interfaces: - eno1 - eno2 dhcp4: no dhcp6: no addresses: [ 10.0.0.2/24 ] gateway4: 10.0.0.1 nameservers: addresses: [ 188.8.131.52,184.108.40.206 ] br100: interfaces: - br0.100 dhcp4: no dhcp6: no addresses: [ 10.0.100.1/24 ] br200: interfaces: - br0.200 dhcp4: no dhcp6: no addresses: [ 10.0.200.1/24 ]
4 thoughts on “VLANs with KVM guests on Ubuntu 18.04 / netplan”
Just wanted to say thank you for posting this! I’ve been banging my head on this for past few hours and this help me sort out my issues. 🙂
Thanks for sharing this! I’ve been a little puzzled as to how to configure netplan with VLANs for my KVM box in 18.04, and this did the trick.
Thanks a lot for sharing this. Agree it is very difficult to find useful info on netplan.
This was exactly what I needed to setup my pfSense(guest) on Ubuntu(host) with KVM. Below is my config.
Thank you for this. It is very useful.
So, if I understood this correctly, Everything that is on br0 only (10.0.0.2/24) is untagged or part of a native VLAN and everything which comes in as br0.100(10.0.100.1/24) or br0.200(10.0.200.1/24) is VLANs 100 and 200 respectively, correct?
Will the guests see the three bridges as three separate interfaces which are available?
And my last question is, does the host need to have IPs in all the VLANs, or could the address fields be left empty for the guests to get their own IPs, in these VLANs, but not the host?