Good Evening All,
I'm looking for some advice - at the moment I can create individual VLANs within Mac OS X and I can map these individual VLANs by bridging the actual VLAN interface itself.
What I'm looking to accomplish is bridging a "Dot1Q trunk interface" on the Virtual Machine with an interface on the host OS (Mac OS X) that can deal with multiple tagged networks.
As an example;
Virtual Machine is a Check Point Firewall - It has Eth1 defined on its native VLAN with Eth1.20, Eth1.30 and Eth1.40.
If I bridge the Eth1 NIC to say "en2/Thunderbolt adapter" it cannot service VLAN traffic with tag 20, 30 or 40 - if I bridge the individual VLAN interface of the host OS to the virtual firewall interface - I can establish connectivity on that particular VLAN but nothing else.
Is there a trick to making this work? Is it possible?
I thought that creating the VLAN interfaces within the host OS and mapping them to the physical interface would suffice (then mapping the physical interface to the Virtual NIC Eth1) - it looks to me like this physical NIC doesn't operate as a dot1q trunk like I would have expected it to.
To further the example;
SQL01 eth0 on the Linux box is mapped to the actual VLAN 4 interface (tag 40 in this case).
FWL01 eth1 is configured on the VLAN 4 interface (tag 40 in this case).
This works.
If I set SQL01 eth0 to map to the physical thunderbolt adapter (with the VLANs associated) and set the firewall to this, it only passes the native traffic (IP associated with the thunderbolt adapter, not the VLANs).
If I set SQL01 eth0 to database vlan (VLAN 4 - tag 40) and set the firewall to the physical thunderbolt adapter - no connectivity.
SQL01 and SQL02 mapped with VLAN 4 can communicate with each other in this case which is to be expected.
Is this a limitation of VMware Fusion? What am I missing?
Update: Could it be that the reason this isn't working is that generally you would have a distributed/virtual switch that would take care of the tagging, but in this case I'm trying to change an L3 Thunderbolt adapter interface into an interface that operates at L2? The interesting thing here is that the Thunderbolt adapter passes all VLANs at the same time (external to the host OS), i.e. plugging into a physical switch tagging 20, 30 and 40 as a dot1q trunk passes all traffic destined for the host VLAN interfaces. It seems to me like the missing piece of the puzzle is the "Virtual Switch Layer".
i.e.
What I am trying to achieve in the virtual sense;
Host OS --> Virtual Interfaces --> Virtual Switch (missing/Thunderbolt not acting as a trunk interface) --> Virtual Platform (VMware Fusion/bridging as access) --> Virtual Machine.
How it works in real world - physical;
Host OS --> Virtual Interfaces --> Physical Switch (DOT1Q trunk interface) --> Physical Switch port with appropriate access tag --> Physical Machine
Would I be right in saying that the missing component is the virtual switch port (dot1q) and the way that the host OS maps this to the virtual interfaces that are created? Running Wireshark and tcpdump on the NIC of the firewall shows no traffic arriving from the host OS virtual interface, even though Wireshark on the host shows outbound connections. Probably trying to achieve the impossible in this case. Is this a fair assumption?