combining vlan tagging and spanning tree

Hi,

I am configuring some servers in a high availability setup. The servers
are connected to two switches with two LAN cards in each server. The two
switches are connected directly to each other.

The servers are configured to bridge eth0 and eth1 with spanning tree.
Usually this makes sure eth1 is disabled, unless something happens to
eth0. This way I can have one IP address on each server.

Now I also want to use vlan tagging on some of the servers.

I am unsure if I am supposed to bridge before or after applying vlan
tagging. That is, if the bridge should be between eth0 and eth1, or
between eth0.2 and eth1.2. I suppose it would also be possible to have a
br0.2.

I managed to get it working sort of. But as soon I enable spanning tree,
I lose contact on the bridge device. Tcpdump still shows traffic on the
underlying device.

I am using gentoo linux 2.6.12.

Thanks,

Baldur

Bridging with STP seems to learn mac-address on wrong ports

I have two multi-port bridges connected together with a lot of cables.
Current setup is as follows:

     --------eth0-------
    |                   |
[Bridge A] <-eth1-≥ [Bridge B]
    |                   |
     --------eth5-------

Bridge A is root-bridge, and eth0 is set to lowest path-cost.
Consequently on Bridge B interfaces eth1 and eth5 are in blocking state.

However, when looking at the mac-address table on bridge B I see that it has
learned the mac-address of bridge A on the eth1-port (which is in
blocking state) and tries to use that port to communicate with 
bridge A, and since the port is blocking this fails.

It seems that the STP-bpdu's are responsible for the bridge learning
the mac-address on the wrong port.
This is tested with kernel 2.6.11.12 and 2.6.13.2, and both exhibit
this problem.

The following fix solved it for me on 2.6.11.12:
In net/bridge/br_stp_bpdu.c, in function br_stp_handle_bpdu i changed
         br_fdb_insert(p->br, p, eth_hdr(skb)->h_source,0);
to
         if (!br->stp_enabled || p->state == BR_STATE_LEARNING
             || p->state == BR_STATE_FORWARDING)
             br_fdb_insert(p->br, p, eth_hdr(skb)->h_source, 0);

combining vlan tagging and spanning tree

Hi,

I am configuring some servers in a high availability setup. The servers
are connected to two switches with two LAN cards in each server. The two
switches are connected directly to each other.

The servers are configured to bridge eth0 and eth1 with spanning tree.
Usually this makes sure eth1 is disabled, unless something happens to
eth0. This way I can have one IP address on each server.

Now I also want to use vlan tagging on some of the servers.

I am unsure if I am supposed to bridge before or after applying vlan
tagging. That is, if the bridge should be between eth0 and eth1, or
between eth0.2 and eth1.2. I suppose it would also be possible to have a
br0.2.

I managed to get it working sort of. But as soon I enable spanning tree,
I lose contact on the bridge device. Tcpdump still shows traffic on the
underlying device.

I am using gentoo linux 2.6.12.

Thanks,

Baldur

Re: combining vlan tagging and spanning tree

Baldur Norddahl wrote:

>Hi,
>
>I am configuring some servers in a high availability setup. The servers
>are connected to two switches with two LAN cards in each server.
>
Are the switches Cisco switches?
For now I will assume they are.

> The two
>switches are connected directly to each other.
>
>The servers are configured to bridge eth0 and eth1 with spanning tree.
>Usually this makes sure eth1 is disabled, unless something happens to
>eth0. This way I can have one IP address on each server.
>
>Now I also want to use vlan tagging on some of the servers.
>
>I am unsure if I am supposed to bridge before or after applying vlan
>tagging. That is, if the bridge should be between eth0 and eth1, or
>between eth0.2 and eth1.2. I suppose it would also be possible to have a
>br0.2.
>  
>
You have to setup de bridge between the vlan interfaces.
Example:

#!/bin/sh
VCONFIG=/sbin/vconfig

Install instructions

_______________________________________________
Bridge mailing list
Bridge <at> lists.osdl.org
https://lists.osdl.org/mailman/listinfo/bridge

Bridge wiki page

The latest info on bridging is now at:
    http://linux-net.osdl.org/index.php/Bridge

Bridge Control using sysfs and Spinlocks

I am attempting to change the bridge kernel module so that I have complete 
control over the port states from user space via sysfs.

On code inspection I can see that whenever a reconfiguration of the bridge 
itself is made, i.e. ageing time, forward delay, hello time, etc. then there 
is a spin_lock_bh before the reconfiguration and a spin_unlock_bh after 
reconfiguration.

However, when a reconfiguration of a bridge PORT is made e.g. path cost, 
priority then the spin lock mechanism is not used. Is this correct 
operation? (The old ioctl method uses spin locks on bridge port 
reconfiguration, whereas I am reconfiguring via sysfs)

If I am to change the bridge module to accept requests to change the port 
state should I be using the spin locks?

Thanks in advance

Jon Chambers.

_________________________________________________________________
MSN Messenger 7.5 is now out. Download it for FREE here. 
http://messenger.msn.co.uk

_______________________________________________
Bridge mailing list
Bridge <at> lists.osdl.org
https://lists.osdl.org/mailman/listinfo/bridge

Re: Bridge Control using sysfs and Spinlocks

On Tue, 18 Oct 2005 13:23:46 +0100
"Jonathan Chambers`" <chamber_j <at> hotmail.com> wrote:

> I am attempting to change the bridge kernel module so that I have complete 
> control over the port states from user space via sysfs.
> 
> On code inspection I can see that whenever a reconfiguration of the bridge 
> itself is made, i.e. ageing time, forward delay, hello time, etc. then there 
> is a spin_lock_bh before the reconfiguration and a spin_unlock_bh after 
> reconfiguration.

Yes, makes sense to lock those operations. Looks like a simple oversight.

> However, when a reconfiguration of a bridge PORT is made e.g. path cost, 
> priority then the spin lock mechanism is not used. Is this correct 
> operation? (The old ioctl method uses spin locks on bridge port 
> reconfiguration, whereas I am reconfiguring via sysfs)
> 
> If I am to change the bridge module to accept requests to change the port 
> state should I be using the spin locks?
> 
> Thanks in advance
> 
> Jon Chambers.
> 
> _________________________________________________________________
> MSN Messenger 7.5 is now out. Download it for FREE here. 
> http://messenger.msn.co.uk
> 

--

-- 
Stephen Hemminger <shemminger <at> osdl.org>
OSDL http://developer.osdl.org/~shemminger

_______________________________________________
Bridge mailing list
Bridge <at> lists.osdl.org
https://lists.osdl.org/mailman/listinfo/bridge

Some Questions

I am battling an issue with use of bridging with xen.
For some yet undetermined reason supposedly relating to stp, they assign
a mac address of fe:ff:ff:ff:ff:ff  to the bridge.

Was hoping someone here may be able to elaborate on that.

If I enslave a bridge to an ethernet, and than restart that network
interface, should the bridge operation behave the same after the ip
interface is restarted?

Is their any arp functionality in the bridge itself?
Am thinking like arp snooping, or anything else for that matter.

In general I have been seeing a lot of odd behavior with the xen bridge
in their unstable code base. Am hoping for some insight.

Regards,
Ted

_______________________________________________
Bridge mailing list
Bridge <at> lists.osdl.org
https://lists.osdl.org/mailman/listinfo/bridge

Bridge] IEEE 802.1Q (VLAN-) Bridge incl. GARP, GMRP, GVRP]

_______________________________________________
Bridge mailing list
Bridge <at> lists.osdl.org
https://lists.osdl.org/mailman/listinfo/bridge