Bridge and VLans

I currently have a bridge setup with 1.3-rolling-202012141037 and things are working great. Here is the basic setup:

eth0 ---- vyos — br0 with eth1, eth2, eth3, eth4.

I have a routing rule where any traffic from the bridge subdomain get forwarded to eth0. I have a bit of traffic that is between eth1 and eth4 that I would like to segregate out with a vlan( specifically iscsi traffic ), but I would like to preserve other traffic from eth1 and eth4 the same( ssh, http, etc ). Is it poibble to create a vlan with eth1 and eth4 so only the tagged packets go between them while non tagged packets still get broadcasted out to all intefaces?

Hi @kromberg , I think you can enable vlan tagging within the bridge for eth1 and eth4 and put rest of the untagged traffic to the native vlan using the following example configuration:

set interfaces bridge br0 member interface eth1 allowed-vlan ‘100’
set interfaces bridge br0 member interface eth1 native-vlan ‘1’
set interfaces bridge br0 member interface eth2
set interfaces bridge br0 member interface eth3
set interfaces bridge br0 member interface eth4 allowed-vlan ‘100’
set interfaces bridge br0 member interface eth4 native-vlan ‘1’
set interfaces bridge br0 stp
set interfaces bridge br0 vif 1 address ‘192.168.0.1/24’