Vlan in guest bridged to one ethernet interface

Hello all,

I would like to achieve the following:

on my Debian10 notebook (host) I have an Ethernet interface enpls0. This interface the host should use the IP packets should remain untagged.

In the lxc-guest there should be an eth0 with DHCP which should be bridged without NAT with the hardware ethernet interface. In the guest the packets should be untagged, on the hardware ethernet interface tagged.

Further guests shall get other tags. I suspect this will require another bridge for each.

Despite extensive attempts, I haven’t found a solution yet. I guess I need to edit /etc/network/interfaces and create a configuration file in /etc/lxc.

Can someone send me a sample configuration?

Thanks in advance!

Bridging enpls0 on the host into a br0 type bridge, then attaching the container to that will get it all the tags, the container can then create tagged interfaces on top of their eth0 device.

The catch is that if you then create a enpls0.10 on the host, then your br0 will no longer get that tag. If you want the host itself to use a tag but not affect the bridged containers, you’ll need to split off the tag at the bridge level, so creating br0.10 instead of enpls0.10 in this case.