We use the linux bridge in VLAN-aware mode to interconnect different container/VMs (podman, libvirt, lxc, systemd-nspawn). To connect podman containers to a specific VLAN I use the CNI bridge plugin in L2-only vlan configuration.

We try to do the same w/o CNI. There are two things missing currently:

1. Support multiple networks with the same network_interface but different vlan setting
2. Set the vlan on the veth link like:
   sudo bridge vlan add vid 20 pvid untagged dev ...

I opened an issue for netavark but first part belongs to common/libnetwork:

1. podman create network

Currently, the podman network create already allows to set a vlan option:

$ podman network create -o 'com.docker.network.bridge.name=brint' \
        -o vlan=20 --ipam-driver 'none' vlan20

results in /etc/containers/networks/vlan20.json

{
  "name": "vlan20",
  "driver": "bridge",
  "network_interface": "brint",
  "options": {
    "vlan": "20"   <---
  },
  "ipam_options": {
    "driver": "none"
  }
}

But it fails to create another network on the same bridge with different vlan tag:

$ podman network create -o 'com.docker.network.bridge.name=brint' \
        -o vlan=30 --ipam-driver 'none' vlan30
Error: bridge name brint already in use

Relevant code is in libnetwork/internal/util/bridge.go#L16