I have a node running OpenVZ CT (ProxMox). eth1 on HN are bridged through vmbr1 to veth device on CT101 (eth1 inside container).
(Host Node) eth1 -> vmbr1 <- veth101.1 <- eth1 (CT101)
No VLANs, casual setup. Both bridge and physical interface on HN aren't assigned any IPs. They are just "forwarding" for CT101.
Now I want to forward trunk port with 2 802.1Q VLANs through that interface. Can I just create those VLANs subinterfaces inside CT101? How it works then tags are passed through linux bridge? Are tags are saved or removed?
Or it would be better to detach eth1 from vmbr1 on HN, create VLAN subinteraces and attach them through separate bridges to CT101. So each VLAN goes though dedicated bridges and ends up as an untagged "pseudo-physiacal" ethX device inside container?
I've ended up on the last solution back then. I create vlanXXX interface and UP it without any IP. When I create vmbrXXX and attach that vlanXXX to it. Next I add that bridge to OpenVZ container as a separate interface inside container. That works pretty well so far. Same thing can be used on newer Proxmox with LXC but seems like their web-interface now works well with defining VLANs on CTs as well.