Bug 2180795

Summary: [RFE] Allow configuration of bridge.vlan-default-pvid
Product: Red Hat Enterprise Linux 9 Reporter: Petr Horáček <phoracek>
Component: nmstateAssignee: Gris Ge <fge>
Status: VERIFIED --- QA Contact: Mingyu Shi <mshi>
Severity: unspecified Docs Contact: Jaroslav Klech <jklech>
Priority: unspecified    
Version: 9.2CC: ferferna, jiji, jishi, jklech, network-qe, sfaye, till
Target Milestone: rcKeywords: FutureFeature, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: nmstate-2.2.12-1.el9 Doc Type: Enhancement
Doc Text:
Feature: The NetworkManager setting bridge.vlan-default-pvid can be configured with Nmstate. Reason: The reporter wants to configure bridge vlan-default-pvid with Nmstate in order to configure the default VLAN pvid when using Linux Bridge VLAN filtering. Result: The user can configure VLAN filtering default pvid with the following state: ---- interfaces: - name: linux-br0 type: linux-bridge state: up bridge: options: vlan-default-pvid: 5 port: - name: eth1 stp-hairpin-mode: false stp-path-cost: 100 stp-priority: 32 vlan: mode: access tag: 100 ---- Please, notice that VLAN filtering must be enable to configure vlan-default-pvid.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Petr Horáček 2023-03-22 10:43:20 UTC 
Description of problem:
The underlying OS assigns the default VLAN 1 to a newly created bridge and every port attached to it. That can be an unexpected issue when attaching veth pairs to a bridge, marking then with a VLAN tag 100, but then seeing traffic from both VLAN 1 and 100 on the other end of the veth. Providing a way to set bridge.vlan-default-pvid on the bridge would allow administrators to disable this default behavior or set a different ID.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Create a bridge using nmstate, setting bridge.vlan-default-pvid to None
2. Attach a veth to it

Actual results:
This attribute does not exist

Expected results:
This should be supported and lead into no VLAN assigned to the veth port


Additional info:
Comment 4 Mingyu Shi 2023-06-29 10:16:37 UTC 
Verified with:
nmstate-2.2.12-2.el9.x86_64
nispor-1.2.10-1.el9.x86_64
NetworkManager-1.43.10-1.el9.x86_64
DISTRO=RHEL-9.3.0-20230628.0