* [Bridge] MAC intermittently being learnt on wrong port
@ 2010-01-08 3:25 Ryan King
2010-01-11 17:16 ` Robert LeBlanc
2010-01-11 18:18 ` Stephen Hemminger
0 siblings, 2 replies; 4+ messages in thread
From: Ryan King @ 2010-01-08 3:25 UTC (permalink / raw)
To: bridge@lists.linux-foundation.org
[-- Attachment #1: Type: text/plain, Size: 3758 bytes --]
Hi,
I am seeing a strange issue with a fairly simple bridge I have setup (for openvpn in bridge mode).
eth0 --- [ openvpn machine (tap0) ] --- eth1
The bridge is between tap0 and eth1 on a debian machine running on ESX 4. (tap0 being the openvpn tunnel interface). Intermittently, I see openvpn client MAC addresses on port 2 (eth1). When this happens, their vpn link stops working, since arp replies are being sent back via the wrong interface. But after a random amount of time, it will change back to port 1 (tap0) and start working again. Sometimes this is quick, sometimes it doesn't happen for hours.
Anyone else had these issues? I've searched the archives, and come across several people who seem to have had similar problems - but haven't found one that has a solution yet.
I'd appreciate any suggestions on where I should start looking to find out why/how these MAC's are being learnt on the wrong interface...
brctl show br0:
bridge name bridge id STP enabled interfaces
br0 8000.005056b804c2 no eth1
tap0
brctl showstp br0:
br0
bridge id 8000.005056b804c2
designated root 8000.005056b804c2
root port 0 path cost 0
max age 20.00 bridge max age 20.00
hello time 2.00 bridge hello time 2.00
forward delay 5.00 bridge forward delay 5.00
ageing time 300.01
hello timer 1.19 tcn timer 0.00
topology change timer 0.00 gc timer 2.19
flags
eth1 (2)
port id 8002 state forwarding
designated root 8000.005056b804c2 path cost 100
designated bridge 8000.005056b804c2 message age timer 0.00
designated port 8002 forward delay timer 0.00
designated cost 0 hold timer 0.19
flags
tap0 (1)
port id 8001 state forwarding
designated root 8000.005056b804c2 path cost 100
designated bridge 8000.005056b804c2 message age timer 0.00
designated port 8001 forward delay timer 0.00
designated cost 0 hold timer 0.19
flags
eg:
brctl showmacs br0:
port no mac addr is local? ageing timer
2 00:50:56:b8:04:c2 yes 0.00
1 00:ff:46:97:7f:d5 yes 0.00
2 7a:6e:9f:28:12:79 no 0.56
7a:6e:9f:28:12:79 -- the openvpn client
00:ff:.... -- tap0
00:50:56... -- eth1
Thanks,
Ryan
[-- Attachment #2: Type: text/html, Size: 20825 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Bridge] MAC intermittently being learnt on wrong port
2010-01-08 3:25 [Bridge] MAC intermittently being learnt on wrong port Ryan King
@ 2010-01-11 17:16 ` Robert LeBlanc
2010-01-11 18:18 ` Stephen Hemminger
1 sibling, 0 replies; 4+ messages in thread
From: Robert LeBlanc @ 2010-01-11 17:16 UTC (permalink / raw)
To: Ryan King; +Cc: bridge@lists.linux-foundation.org
[-- Attachment #1: Type: text/plain, Size: 3996 bytes --]
On Thu, Jan 7, 2010 at 8:25 PM, Ryan King <ryank@staff.globaldial.com>wrote:
> Hi,
>
>
>
> I am seeing a strange issue with a fairly simple bridge I have setup (for
> openvpn in bridge mode).
>
>
>
> eth0 --- [ openvpn machine (tap0) ] --- eth1
>
>
>
> The bridge is between tap0 and eth1 on a debian machine running on ESX 4.
> (tap0 being the openvpn tunnel interface). Intermittently, I see openvpn
> client MAC addresses on port 2 (eth1). When this happens, their vpn link
> stops working, since arp replies are being sent back via the wrong
> interface. But after a random amount of time, it will change back to port 1
> (tap0) and start working again. Sometimes this is quick, sometimes it
> doesn't happen for hours.
>
>
>
> Anyone else had these issues? I've searched the archives, and come across
> several people who seem to have had similar problems - but haven't found one
> that has a solution yet.
>
>
>
> I'd appreciate any suggestions on where I should start looking to find out
> why/how these MAC's are being learnt on the wrong interface...
>
>
>
>
>
> brctl show br0:
>
>
>
> bridge name bridge id STP enabled
> interfaces
>
> br0 8000.005056b804c2
> no eth1
>
>
> tap0
>
>
>
>
>
> brctl showstp br0:
>
>
>
> br0
>
> bridge id 8000.005056b804c2
>
> designated root 8000.005056b804c2
>
> root port
> 0 path
> cost 0
>
> max age
> 20.00 bridge max age
> 20.00
>
> hello time
> 2.00 bridge hello time
> 2.00
>
> forward delay 5.00
> bridge forward delay 5.00
>
> ageing time 300.01
>
> hello timer
> 1.19 tcn
> timer 0.00
>
> topology change timer 0.00 gc
> timer 2.19
>
> flags
>
>
>
>
>
> eth1 (2)
>
> port id 8002
> state forwarding
>
> designated root 8000.005056b804c2 path
> cost 100
>
> designated bridge 8000.005056b804c2 message age
> timer 0.00
>
> designated port 8002
> forward delay timer 0.00
>
> designated cost
> 0 hold
> timer 0.19
>
> flags
>
>
>
> tap0 (1)
>
> port id 8001
> state forwarding
>
> designated root 8000.005056b804c2 path
> cost 100
>
> designated bridge 8000.005056b804c2 message age
> timer 0.00
>
> designated port 8001
> forward delay timer 0.00
>
> designated cost
> 0 hold
> timer 0.19
>
> flags
>
>
>
>
>
> eg:
>
> brctl showmacs br0:
>
>
>
> port no mac addr is local?
> ageing timer
>
> 2 00:50:56:b8:04:c2 yes
> 0.00
>
> 1 00:ff:46:97:7f:d5 yes
> 0.00
>
> 2 7a:6e:9f:28:12:79 no
> 0.56
>
>
>
> 7a:6e:9f:28:12:79 -- the openvpn client
>
> 00:ff:.... -- tap0
>
> 00:50:56... -- eth1
>
>
>
>
>
>
>
>
>
>
>
> Thanks,
>
>
>
> Ryan
>
I too am seeing this problem, I've tested with Lenny and Squeeze on ESX 4
and still see the same problem. I am anxiously awaiting some help on how to
troubleshoot the problem. This is a big hang up for me. I don't know if the
virtual switch is sending out multiple replies or what, I'm going to set
this up on some physical hardware and compare. I don't know what else to do.
Thanks,
Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University
[-- Attachment #2: Type: text/html, Size: 8462 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Bridge] MAC intermittently being learnt on wrong port
2010-01-08 3:25 [Bridge] MAC intermittently being learnt on wrong port Ryan King
2010-01-11 17:16 ` Robert LeBlanc
@ 2010-01-11 18:18 ` Stephen Hemminger
2010-01-11 18:42 ` Robert LeBlanc
1 sibling, 1 reply; 4+ messages in thread
From: Stephen Hemminger @ 2010-01-11 18:18 UTC (permalink / raw)
To: Ryan King; +Cc: bridge@lists.linux-foundation.org
On Fri, 8 Jan 2010 03:25:10 +0000
Ryan King <ryank@staff.globaldial.com> wrote:
> Hi,
>
> I am seeing a strange issue with a fairly simple bridge I have setup (for openvpn in bridge mode).
>
> eth0 --- [ openvpn machine (tap0) ] --- eth1
>
> The bridge is between tap0 and eth1 on a debian machine running on ESX 4. (tap0 being the openvpn tunnel interface). Intermittently, I see openvpn client MAC addresses on port 2 (eth1). When this happens, their vpn link stops working, since arp replies are being sent back via the wrong interface. But after a random amount of time, it will change back to port 1 (tap0) and start working again. Sometimes this is quick, sometimes it doesn't happen for hours.
>
> Anyone else had these issues? I've searched the archives, and come across several people who seem to have had similar problems - but haven't found one that has a solution yet.
>
> I'd appreciate any suggestions on where I should start looking to find out why/how these MAC's are being learnt on the wrong interface...
>
By default the address of the bridge interface is the minimum of all the interfaces,
and the tap one is generated randomly; that might be your problem.
So either:
1. force a specific MAC address on the tap interface
or 2. force the the MAC address of the bridge interface to be that of eth
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Bridge] MAC intermittently being learnt on wrong port
2010-01-11 18:18 ` Stephen Hemminger
@ 2010-01-11 18:42 ` Robert LeBlanc
0 siblings, 0 replies; 4+ messages in thread
From: Robert LeBlanc @ 2010-01-11 18:42 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: bridge@lists.linux-foundation.org, Ryan King
[-- Attachment #1: Type: text/plain, Size: 1800 bytes --]
On Mon, Jan 11, 2010 at 11:18 AM, Stephen Hemminger <
shemminger@linux-foundation.org> wrote:
> On Fri, 8 Jan 2010 03:25:10 +0000
> Ryan King <ryank@staff.globaldial.com> wrote:
>
> > Hi,
> >
> > I am seeing a strange issue with a fairly simple bridge I have setup (for
> openvpn in bridge mode).
> >
> > eth0 --- [ openvpn machine (tap0) ] --- eth1
> >
> > The bridge is between tap0 and eth1 on a debian machine running on ESX 4.
> (tap0 being the openvpn tunnel interface). Intermittently, I see openvpn
> client MAC addresses on port 2 (eth1). When this happens, their vpn link
> stops working, since arp replies are being sent back via the wrong
> interface. But after a random amount of time, it will change back to port 1
> (tap0) and start working again. Sometimes this is quick, sometimes it
> doesn't happen for hours.
> >
> > Anyone else had these issues? I've searched the archives, and come
> across several people who seem to have had similar problems - but haven't
> found one that has a solution yet.
> >
> > I'd appreciate any suggestions on where I should start looking to find
> out why/how these MAC's are being learnt on the wrong interface...
> >
>
> By default the address of the bridge interface is the minimum of all the
> interfaces,
> and the tap one is generated randomly; that might be your problem.
> So either:
> 1. force a specific MAC address on the tap interface
> or 2. force the the MAC address of the bridge interface to be that of eth
>
>
I'm seeing the same problem on a static bridge (no tap) with the MAC address
set to locally administrated MACs. I sent the e-mail to the list on Friday.
This is a good thought, but I don't believe it is the issue.
Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University
[-- Attachment #2: Type: text/html, Size: 2327 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2010-01-11 18:42 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-01-08 3:25 [Bridge] MAC intermittently being learnt on wrong port Ryan King
2010-01-11 17:16 ` Robert LeBlanc
2010-01-11 18:18 ` Stephen Hemminger
2010-01-11 18:42 ` Robert LeBlanc
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.