Using VLANs with KVM

So you have a managed switch which is capable of passing VLAN tagged packets to one or more interfaces on your hypervisor(s) where KVM is running. In order to make VMs aware of these VLANs we need to create some VLAN interfaces and associate them with empty bridges. My setup assumes that multiple VMs will need to access the same VLAN interfaces. I’m also assuming that you want your routing and switching to occur some place other than KVM. This means that you have a router/firewall somewhere other than on your hypervisor. On the KVM side of things we will need to attach these empty bridges to whatever VMs we need to and then assign static IPs to each interface inside of the VM itself.

Step 0) Configure the VLANs on your firewall or managed switch. If you don’t know how to do this then you probably shouldn’t continue on.

RHEL/CentOS/Fedora

Step 1) Create the VLAN interface

Assume that we want to use VLAN ID 200 on interface ‘eth0’ and attach it to bridge ‘virbr200’:

# cat > /etc/sysconfig/network-scripts/ifcfg-eth0.200 << EOF
DEVICE=eth0.200
VLAN=yes
ONBOOT=yes
BRIDGE=virbr200
EOF

Step 2) Create the bridge

# cat > /etc/sysconfig/ifcfg-virbr200 << EOF
DEVICE=virbr200
TYPE=Bridge
BOOTPROTO=none
ONBOOT=yes
EOF

*Note that "Bridge" must be capitalized

Debian/Ubuntu (this is purely my best guess)

Step 1) Append the following to /etc/network/interfaces

auto eth0.200
iface eth0.200 inet manual

auto virbr200
iface virbr200 inet manual
  bridge_ports eth0.200

Final Step) Bring the interfaces up and assign them to the VMs

# ifup eth0.200
# ifup virbr200

# virsh edit myvirtualmachine

Look for "<source bridge='some-other-bridge'>" and change it to "<source bridge='virbr200'>" Save, exit and enjoy.