Reputation: 194
bond on software-bridge connection issue
What you have:
- bond (bond0) interface (all modes except 4) with at least 2 ifaces (say eth0 / eth1) connected on the same external switch
- bond0 interface joined on a software bridge (br0)
- virtual machine (vm0) (eg LibVirt::LXC) with an interface on br0
What you get:
- vm0 is not able to connect to (most) IP addresses via bond0 over br0
- "bond0: received packet with own address as source address" in syslog
Why you get this:
When vm0 wants to contact an external IP address it will send out an ARP request. This L2 broadcast with the source mac of vm0 will leave through (depending on bonding mode) eg eth0, but via the external switch, re-enter through eth1 and thus bond0. Hence the switch br0 will learn the mac-address of vm0 on the port connected to bond0. As a consequence the ARP-reply is never received by vm0.
What can you do to resolve:
The reason I post this, next to sharing the info, is that I wasn't able to figure out a good enough solution. Those I did find are:
- On vm0 set static ARP entry
- Use bond0 mode=4 but your external switch must support this
- Configure your external siwtch to use private VLAN on eth0/eth1 but only works in some use-cases and adds complexity
- Add both physical interfaces to the bridge with spanning tree enabled, instead of using bond driver
- Statically configuring the MAC of vm0 on the correct port of br0 is not an option on Linux (works on OpenBSD though)
I'm really hoping for a more elegant solution here... Anyone?
Thanks
Upvotes: 2
Views: 4089
Answers (2)
Reputation: 2081
I've got the same problem and I come up with the same analysis. The only non-invasive/scalable solution I've found is to use the active/backup bonding (mode 1). The tradeoff is that you lose the aggregation.
IMO, the best solution is to use 802.3ad, but I can't always use it because I'm limited with 6 port-channels on most of my switches.
Upvotes: 3
Reputation: 471
Try these options in bridge:
brigde_fd 0
bridge_stp off # switch on with more system like this
bridge_maxage 0
bridge_ageing 0
bridge_maxwait 0
Taken from this thread: kvm bridge also in proxmox
Upvotes: 0
Related Questions
- Docker: how to connect two bridges
- Bond0 - cannot set the right LB algorithm to 802.3ad
- Docker create two bridges that corrupts my internet access
- Bonding on RedHat 6 with LACP
- How to configure docker default bridge work with unusual network configuration?
- Custom Bridge in Ubuntu 16.04 with LXD
- keepalived cannot receive multicast packet on bond(m=1) interface but tcpdump can result in keepalived both enter master
- How to bring bond0/eth0 interface UP
- Interconnections between bridges in computer networks
- How can configure linux routing to send packets out one interface, over a bridge and into another interface on the same box