Ah thats good to know. The VLAN interception must occur before the bridge path.
For example you shouldn’t add an IP address to bond0 interface as that won’t work.
The VLAN filtering feature is described here: Weekly status #151
Basically you wouldn’t use macvlan NICs, but instead use only bridged NICs and have your br0 bridge behave like your Dell switch does and pass certain VLANs to certain ports (either tagged or untagged).
Here’s an example:
ip link add name br0 type bridge # Create bridge
echo 1 > /sys/class/net/br0/bridge/vlan_filtering # Enable VLAN filtering on bridge
ip link set dev bond0 master br0 # Add bond0 to it
bridge vlan add dev bond0 vid 10 # Add bond0 as a tagged member of VLAN 10
bridge vlan add dev bond0 vid 11 # Add bond0 as a tagged member of VLAN 11
bridge vlan show
port vlan ids
bond0 1 PVID Egress Untagged
10
11
Now in LXD you can create an instance with a bridged NIC and specify which VLAN it belongs to:
lxc init images:ubuntu/focal c1
lxc config device add c1 eth0 nic nictype=bridged parent=br0 vlan=10
This will join it to the bridge, and set the untagged VLAN membership to VLAN 10.
I’m not sure if netplan supports setting up br0 in that way yet though, so using networkd or a manual systemd unit may be needed.