* [Bridge] how bridge interacts with tap ifaces?
@ 2009-12-05 12:11 Radim Roska
2009-12-05 18:29 ` Nicolas de Pesloüan
2009-12-09 21:58 ` Nicolas de Pesloüan
0 siblings, 2 replies; 6+ messages in thread
From: Radim Roska @ 2009-12-05 12:11 UTC (permalink / raw)
To: bridge
[-- Attachment #1: Type: text/plain, Size: 2921 bytes --]
Hi,
few weeks ago I asked question that was probably not interesting for you.
Now ill put it differently.
2 computers - VPC and HOST
VPC has 2 eth0 and eth1 interfaces (on host tap1 and tap2)
HOST has 1 tap (tap0)
HOST has br0 where tap0 and tap1 are bound
VPC has br0 where eth0 and eth1 are bound
tap1 has ip
br0 on VPC has ip
ping from VPC -> tap1:
__ratelimit: 32575 callbacks suppressed
eth0: received packed with own address as source address
eth0: received packed with own address as source address
eth0: received packed with own address as source address
...
infinity loop stopped by command to turn on stp on VPC. This blocks eth0 ->
port connected to bridge on HOST.
No more problem with loop and VPC can actually ping HOST. Probably using
eth1 which is not connected anywhere.
So I assume that once packet is somewhere on a tap interface in the HOST.
Thus its not possible to do little complicated network because all taps
create a loop no matter how user connects them in bridges...is that right?
I've lost big amount of time trying to make this working...so please make
sure i dont lost even more :))
Thanks
Radim
On Mon, Nov 23, 2009 at 11:12 PM, Radim Roska <radim.roska@gmail.com> wrote:
> Hello,
>
> I have this very uncommon situation :). My diploma thesis will probably be
> playing with linux kernel in various networks. Currently I have little free
> time and limited computer resources -> only one laptop :). But I would like
> to do some profiling of kernel particularly of bridging part. For that i
> need network.
>
> So i have 2 virtual machines VPC1 and VPC2 (running debian)
>
> HOST - VPC1 - VPC2
>
> VPC1 should act as bridge.
> HOST: tap0 interface
> VPC1:
> eth0 ~ tap1 on host
> eth1 ~ tap2 on host
> VPC2:
> eth0 ~ tap3 on host
>
> how to connect it? :) Well tap0 - tap1 is in br0 on host and tap2 + tap3 is
> on br1.
>
> VPC1 than has eth0 and eth1 in bridge also :).
>
> I know..it looks strange..but i thought its simplest :).
>
> But:
>
> 1) although VPC2 is connected through br1 that has connection only with
> tap2=eth1 on VPC1..I can ping anything even when VPC1 has all interfaces
> down
>
> 2) i dont see any loop in my "network" but anyway once i turn on br0
> without stp on VPC1, i got quite a serious perf problem - little storm i
> guess:).
> starting stp solves storm but disables eth0
> [ 3839.200640] br0: starting userspace STP failed, starting kernel STP
> [ 3839.201388] br0: topology change detected, sending tcn bpdu
> [ 3839.202117] br0: port 2(eth0) entering blocking state
>
> i does not matter if i have stp on HOST's br0/br1
>
> If someone would have time to help me with that I'll be very happy :). Its
> possible Im trying approach that is doomed to fail because i dont
> know/understsand something.
>
> Cheers,
> Radim
>
--
Radim Roška
[-- Attachment #2: Type: text/html, Size: 3407 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [Bridge] how bridge interacts with tap ifaces?
2009-12-05 12:11 [Bridge] how bridge interacts with tap ifaces? Radim Roska
@ 2009-12-05 18:29 ` Nicolas de Pesloüan
[not found] ` <aa3710a80912060352p4848bc64xea6961d271877924@mail.gmail.com>
2009-12-09 21:58 ` Nicolas de Pesloüan
1 sibling, 1 reply; 6+ messages in thread
From: Nicolas de Pesloüan @ 2009-12-05 18:29 UTC (permalink / raw)
To: Radim Roska; +Cc: bridge
Radim Roska wrote:
> Hi,
>
> few weeks ago I asked question that was probably not interesting for you.
I don't know for the other readers of this mailing list, but even after reading both posts twice, I
still don't understand what you are trying to do.
This might be the reason why you didn't received any answer for your first post.
Please, do not only focus on you setup, but also describe the expected effects.
Nicolas.
>
> Now ill put it differently.
>
> 2 computers - VPC and HOST
> VPC has 2 eth0 and eth1 interfaces (on host tap1 and tap2)
> HOST has 1 tap (tap0)
>
> HOST has br0 where tap0 and tap1 are bound
> VPC has br0 where eth0 and eth1 are bound
>
> tap1 has ip
> br0 on VPC has ip
>
> ping from VPC -> tap1:
>
> __ratelimit: 32575 callbacks suppressed
> eth0: received packed with own address as source address
> eth0: received packed with own address as source address
> eth0: received packed with own address as source address
> ...
>
> infinity loop stopped by command to turn on stp on VPC. This blocks eth0
> -> port connected to bridge on HOST.
>
> No more problem with loop and VPC can actually ping HOST. Probably using
> eth1 which is not connected anywhere.
>
> So I assume that once packet is somewhere on a tap interface in the
> HOST. Thus its not possible to do little complicated network because all
> taps create a loop no matter how user connects them in bridges...is that
> right?
>
> I've lost big amount of time trying to make this working...so please
> make sure i dont lost even more :))
>
> Thanks
> Radim
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [Bridge] how bridge interacts with tap ifaces?
[not found] ` <aa3710a80912060352p4848bc64xea6961d271877924@mail.gmail.com>
@ 2009-12-06 11:54 ` Radim Roska
0 siblings, 0 replies; 6+ messages in thread
From: Radim Roska @ 2009-12-06 11:54 UTC (permalink / raw)
To: Nicolas de Pesloüan, bridge
[-- Attachment #1: Type: text/plain, Size: 889 bytes --]
Hi :),
sorry Nicolas, sending it again because last time i forgot to include bridge
mailing list.
> On Sat, Dec 5, 2009 at 7:29 PM, Nicolas de Pesloüan <
> nicolas.2p.debian@free.fr> wrote:
>
>>
>> I don't know for the other readers of this mailing list, but even after
>> reading both posts twice, I still don't understand what you are trying to
>> do.
>>
>
>> This might be the reason why you didn't received any answer for your first
>> post.
>
>
ok..that could be the reason :)
>
>> Please, do not only focus on you setup, but also describe the expected
>> effects.
>>
>
>
I want virtual PC to have working bridge from its eth0 and eth1 interfaces.
Thats all :). Eth0 would be connected to host and eth1 e.g. to another
virtual PC.
I tried to explain problem in detail but maybe i just concealed this simple
desire:)
--
Radim Roška
[-- Attachment #2: Type: text/html, Size: 2014 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [Bridge] how bridge interacts with tap ifaces?
2009-12-05 12:11 [Bridge] how bridge interacts with tap ifaces? Radim Roska
2009-12-05 18:29 ` Nicolas de Pesloüan
@ 2009-12-09 21:58 ` Nicolas de Pesloüan
2009-12-12 15:23 ` Radim Roska
1 sibling, 1 reply; 6+ messages in thread
From: Nicolas de Pesloüan @ 2009-12-09 21:58 UTC (permalink / raw)
To: Radim Roska; +Cc: bridge
Radim Roska wrote:
> Hi,
Hi Radim,
> few weeks ago I asked question that was probably not interesting for you.
>
> Now ill put it differently.
>
> 2 computers - VPC and HOST
> VPC has 2 eth0 and eth1 interfaces (on host tap1 and tap2)
> HOST has 1 tap (tap0)
>
> HOST has br0 where tap0 and tap1 are bound
> VPC has br0 where eth0 and eth1 are bound
>
> tap1 has ip
> br0 on VPC has ip
Here is what I understand from your last post:
+----------------HOST-----------------------------+
| |
| ???? --tap0--+ |
| | |
| | |
| +--br0 |
| +-----VPC-------------------+ | |
| | | | |
| | +--eth0--|--tap1--+ ip here |
| | ip here br0--+ | |
| | +--eth1--|--tap2 |
| | | |
| +---------------------------+ |
| |
+-------------------------------------------------+
Can you confirm ? Please extend and possibly fix this ascii art to include you whole setup.
If this is correct, then, the first possible problem comes from the fact that you should not put an
ip on a member of a bridge but on the bridge itself. (br0 on HOST, not tap1 on HOST).
Also, can you describe what you plan to do with tap2 on HOST and what process is managing the
user-space side of tap0 on HOST ? Is it another VM ?
> ping from VPC -> tap1:
>
> __ratelimit: 32575 callbacks suppressed
> eth0: received packed with own address as source address
> eth0: received packed with own address as source address
> eth0: received packed with own address as source address
> ...
>
> infinity loop stopped by command to turn on stp on VPC. This blocks eth0
> -> port connected to bridge on HOST.
>
> No more problem with loop and VPC can actually ping HOST. Probably using
> eth1 which is not connected anywhere.
>
> So I assume that once packet is somewhere on a tap interface in the
> HOST. Thus its not possible to do little complicated network because all
> taps create a loop no matter how user connects them in bridges...is that
> right?
It is possible to do complicated network using VM and tap devices. Several tap devices are not
leaking between them. But, if your configuration end up with two bridges face to face (one in the VM
and one in the HOST) with two links between them, then you must enable stp on both bridge, in order
to allow the bridges to detect and "fix" the loop.
'hope this help.
Nicolas.
> I've lost big amount of time trying to make this working...so please
> make sure i dont lost even more :))
>
> Thanks
> Radim
>
>
>
> On Mon, Nov 23, 2009 at 11:12 PM, Radim Roska <radim.roska@gmail.com
> <mailto:radim.roska@gmail.com>> wrote:
>
> Hello,
>
> I have this very uncommon situation :). My diploma thesis will
> probably be playing with linux kernel in various networks. Currently
> I have little free time and limited computer resources -> only one
> laptop :). But I would like to do some profiling of kernel
> particularly of bridging part. For that i need network.
>
> So i have 2 virtual machines VPC1 and VPC2 (running debian)
>
> HOST - VPC1 - VPC2
>
> VPC1 should act as bridge.
> HOST: tap0 interface
> VPC1:
> eth0 ~ tap1 on host
> eth1 ~ tap2 on host
> VPC2:
> eth0 ~ tap3 on host
>
> how to connect it? :) Well tap0 - tap1 is in br0 on host and tap2 +
> tap3 is on br1.
>
> VPC1 than has eth0 and eth1 in bridge also :).
>
> I know..it looks strange..but i thought its simplest :).
>
> But:
>
> 1) although VPC2 is connected through br1 that has connection only
> with tap2=eth1 on VPC1..I can ping anything even when VPC1 has all
> interfaces down
>
> 2) i dont see any loop in my "network" but anyway once i turn on
> br0 without stp on VPC1, i got quite a serious perf problem -
> little storm i guess:).
> starting stp solves storm but disables eth0
> [ 3839.200640] br0: starting userspace STP failed, starting kernel STP
> [ 3839.201388] br0: topology change detected, sending tcn bpdu
> [ 3839.202117] br0: port 2(eth0) entering blocking state
>
> i does not matter if i have stp on HOST's br0/br1
>
> If someone would have time to help me with that I'll be very happy
> :). Its possible Im trying approach that is doomed to fail because i
> dont know/understsand something.
>
> Cheers,
> Radim
>
>
>
>
> --
> Radim Roška
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Bridge mailing list
> Bridge@lists.linux-foundation.org
> https://lists.linux-foundation.org/mailman/listinfo/bridge
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [Bridge] how bridge interacts with tap ifaces?
2009-12-09 21:58 ` Nicolas de Pesloüan
@ 2009-12-12 15:23 ` Radim Roska
2009-12-12 16:56 ` Nicolas de Pesloüan
0 siblings, 1 reply; 6+ messages in thread
From: Radim Roska @ 2009-12-12 15:23 UTC (permalink / raw)
To: Nicolas de Pesloüan; +Cc: bridge
Hello Nicolas,
first thanks for your answer :). I'm impressed with your ascii art:).
Sorry for my late answer , im currently ill.
I've completed your ascii art to final scheme I intended to build from
the first time
+----------------HOST-----------------------------+
| |
| 10.0.0.1 --tap0--+ |
| | |
| | |
| +--br0 |
| +-----VPC1------------------+ | |
| | | | |
| | +--eth0--|--tap1--+ |
| | ip here br0--+ | |
| | +--eth1--|--tap2--+ |
| | | | |
| +---------------------------+ | |
| +--br1 |
| +-----VPC2------------------+ | |
| | | | |
| | 10.0.0.2 +--eth0--|--tap3--+ |
| | | |
| +---------------------------+ |
+-------------------------------------------------+
I am really not sure now, but I would say there is no loop in there
:/. But e.g. VPC2 can ping tap0 although VPC1 bridge is not
configured. Is the problem taht tap0 is used directly? Should I start
another VPC there ?
Thank you very much
Radim
On Wed, Dec 9, 2009 at 10:58 PM, Nicolas de Pesloüan
<nicolas.2p.debian@free.fr> wrote:
>
> Radim Roska wrote:
>>
>> Hi,
>
> Hi Radim,
>
>> few weeks ago I asked question that was probably not interesting for you.
>>
>> Now ill put it differently.
>>
>> 2 computers - VPC and HOST
>> VPC has 2 eth0 and eth1 interfaces (on host tap1 and tap2)
>> HOST has 1 tap (tap0)
>>
>> HOST has br0 where tap0 and tap1 are bound
>> VPC has br0 where eth0 and eth1 are bound
>>
>> tap1 has ip
>> br0 on VPC has ip
>
> Here is what I understand from your last post:
>
> +----------------HOST-----------------------------+
> | |
> | ???? --tap0--+ |
> | | |
> | | |
> | +--br0 |
> | +-----VPC-------------------+ | |
> | | | | |
> | | +--eth0--|--tap1--+ ip here |
> | | ip here br0--+ | |
> | | +--eth1--|--tap2 |
> | | | |
> | +---------------------------+ |
> | |
> +-------------------------------------------------+
>
> Can you confirm ? Please extend and possibly fix this ascii art to include you whole setup.
>
> If this is correct, then, the first possible problem comes from the fact that you should not put an ip on a member of a bridge but on the bridge itself. (br0 on HOST, not tap1 on HOST).
>
> Also, can you describe what you plan to do with tap2 on HOST and what process is managing the user-space side of tap0 on HOST ? Is it another VM ?
>
>> ping from VPC -> tap1:
>>
>> __ratelimit: 32575 callbacks suppressed
>> eth0: received packed with own address as source address
>> eth0: received packed with own address as source address
>> eth0: received packed with own address as source address
>> ...
>>
>> infinity loop stopped by command to turn on stp on VPC. This blocks eth0 -> port connected to bridge on HOST.
>>
>> No more problem with loop and VPC can actually ping HOST. Probably using eth1 which is not connected anywhere.
>>
>> So I assume that once packet is somewhere on a tap interface in the HOST. Thus its not possible to do little complicated network because all taps create a loop no matter how user connects them in bridges...is that right?
>
> It is possible to do complicated network using VM and tap devices. Several tap devices are not leaking between them. But, if your configuration end up with two bridges face to face (one in the VM and one in the HOST) with two links between them, then you must enable stp on both bridge, in order to allow the bridges to detect and "fix" the loop.
>
> 'hope this help.
>
> Nicolas.
>
>> I've lost big amount of time trying to make this working...so please make sure i dont lost even more :))
>>
>> Thanks
>> Radim
>>
>>
>>
>> On Mon, Nov 23, 2009 at 11:12 PM, Radim Roska <radim.roska@gmail.com <mailto:radim.roska@gmail.com>> wrote:
>>
>> Hello,
>>
>> I have this very uncommon situation :). My diploma thesis will
>> probably be playing with linux kernel in various networks. Currently
>> I have little free time and limited computer resources -> only one
>> laptop :). But I would like to do some profiling of kernel
>> particularly of bridging part. For that i need network.
>>
>> So i have 2 virtual machines VPC1 and VPC2 (running debian)
>>
>> HOST - VPC1 - VPC2
>>
>> VPC1 should act as bridge.
>> HOST: tap0 interface
>> VPC1:
>> eth0 ~ tap1 on host
>> eth1 ~ tap2 on host
>> VPC2:
>> eth0 ~ tap3 on host
>>
>> how to connect it? :) Well tap0 - tap1 is in br0 on host and tap2 +
>> tap3 is on br1.
>>
>> VPC1 than has eth0 and eth1 in bridge also :).
>>
>> I know..it looks strange..but i thought its simplest :).
>>
>> But:
>>
>> 1) although VPC2 is connected through br1 that has connection only
>> with tap2=eth1 on VPC1..I can ping anything even when VPC1 has all
>> interfaces down
>>
>> 2) i dont see any loop in my "network" but anyway once i turn on
>> br0 without stp on VPC1, i got quite a serious perf problem -
>> little storm i guess:).
>> starting stp solves storm but disables eth0
>> [ 3839.200640] br0: starting userspace STP failed, starting kernel STP
>> [ 3839.201388] br0: topology change detected, sending tcn bpdu
>> [ 3839.202117] br0: port 2(eth0) entering blocking state
>>
>> i does not matter if i have stp on HOST's br0/br1
>>
>> If someone would have time to help me with that I'll be very happy
>> :). Its possible Im trying approach that is doomed to fail because i
>> dont know/understsand something.
>>
>> Cheers,
>> Radim
>>
>>
>>
>>
>> --
>> Radim Roška
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Bridge mailing list
>> Bridge@lists.linux-foundation.org
>> https://lists.linux-foundation.org/mailman/listinfo/bridge
>
--
Radim Roška
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [Bridge] how bridge interacts with tap ifaces?
2009-12-12 15:23 ` Radim Roska
@ 2009-12-12 16:56 ` Nicolas de Pesloüan
0 siblings, 0 replies; 6+ messages in thread
From: Nicolas de Pesloüan @ 2009-12-12 16:56 UTC (permalink / raw)
To: Radim Roska; +Cc: bridge
Radim Roska wrote:
Hi Radim,
> first thanks for your answer :). I'm impressed with your ascii art:).
Art is designed to be impressive ! :-D
> Sorry for my late answer , im currently ill.
> I've completed your ascii art to final scheme I intended to build from
> the first time
>
> +----------------HOST-----------------------------+
> | |
> | 10.0.0.1 --tap0--+ |
> | | |
> | | |
> | +--br0 |
> | +-----VPC1------------------+ | |
> | | | | |
> | | +--eth0--|--tap1--+ |
> | | ip here br0--+ | |
> | | +--eth1--|--tap2--+ |
> | | | | |
> | +---------------------------+ | |
> | +--br1 |
> | +-----VPC2------------------+ | |
> | | | | |
> | | 10.0.0.2 +--eth0--|--tap3--+ |
> | | | |
> | +---------------------------+ |
> +-------------------------------------------------+
If your thesis focus on profiling the bridge code, I would suggest you reduce the number of
intermediate elements down to the lowest possible level.
From my point of view, HOST/br0 is not required. You can configure the ip address of HOST/tap0 on
HOST/tap1 instead and remove HOST/br0 and HOST/tap0.
+----------------HOST-----------------------------+
| +-----VPC1------------------+ |
| | | |
| | +--eth0--|--tap1-- 10.0.0.1 |
| | ip here br0--+ | |
| | +--eth1--|--tap2--+ |
| | | | |
| +---------------------------+ | |
| +--br1 |
| +-----VPC2------------------+ | |
| | | | |
| | 10.0.0.2 +--eth0--|--tap3--+ |
| | | |
| +---------------------------+ |
+-------------------------------------------------+
Also, the tap devices are not leaking, but there are other potential leaking problems:
Until HOST/br1 know the right port to use to forward packets for a given mac address, it will
forward the packet to all ports of the bridge. So, packets received from HOST/tap3, targeted at
10.0.0.1, will be forwarded to HOST/tap2 AND to HOST/br1. If HOST has IP forwarding enabled (see
/proc/sys/net/ipv4/ip_forward), then it might accept packets for 10.0.0.1 on HOST/br1, even if this
IP address is setup on a different interface of HOST. You should use tcpdump or wireshark on br1 to
watch what is received on this interface.
I'don't know if your VM software allow for such things, but the perfect configuration would be a
"direct" link between VPC1 and VPC2, through a non-HOST network system.
For example, VirtualBox VM software provide such "direct" link, called "internal network".
+----------------HOST-----------------------------+
| +-----VPC1------------------+ |
| | | |
| | +--eth0--|--tap1-- 10.0.0.1 |
| | ip here br0--+ | |
| | +--eth1--|--+ |
| | | | |
| +---------------------------+ | |
| | |
| +-----VPC2------------------+ | |
| | | | |
| | 10.0.0.2 +--eth0--|--+ |
| | | |
| +---------------------------+ |
+-------------------------------------------------+
And if such a "direct" link feature is available, then the perfect configuration for your test would
be the following, which would give a totally isolated test environment.
+----------------HOST-----------------------------+
| +-----VPC3------------------+ |
| | | |
| | 10.0.0.1 +--eth0--|--+ |
| | | | |
| +---------------------------+ | |
| | |
| +-----VPC1------------------+ | |
| | | | |
| | +--eth0--|--+ |
| | br0--+ | |
| | +--eth1--|--+ |
| | | | |
| +---------------------------+ | |
| | |
| +-----VPC2------------------+ | |
| | | | |
| | 10.0.0.2 +--eth0--|--+ |
| | | |
| +---------------------------+ |
+-------------------------------------------------+
With this configuration, you would be able to test the bridge code in a close to transparent way and
even enhance the numbers of "clients" for the bridge (up to 8, in the case of VirtualBox).
And if stp or rstp is something you would like to play with, you can build two bridges with a loop.
+----------------HOST-------------------------------------------------------+
| +-----VPC3------------------+ |
| | | |
| | 10.0.0.1 +--eth0--|-------+ |
| | | | |
| +---------------------------+ | |
| | |
| +-----VPC1------------------+ | +-----------VPC4-----------------+ |
| | | | | | |
| | | +--|--eth2--+ | |
| | +--eth0--|----------|--eth1--+ | |
| | br0--+ | | +--br0 | |
| | +--eth1--|----------|--eth0--+ | |
| | +--eth2--|--+ | | |
| | | | | | |
| +---------------------------+ | +--------------------------------+ |
| | |
| +-----VPC2------------------+ | |
| | | | |
| | 10.0.0.2 +--eth0--|--+ |
| | | |
| +---------------------------+ |
+---------------------------------------------------------------------------+
'hope this helps.
Nicolas.
> I am really not sure now, but I would say there is no loop in there
> :/. But e.g. VPC2 can ping tap0 although VPC1 bridge is not
> configured. Is the problem taht tap0 is used directly? Should I start
> another VPC there ?
>
> Thank you very much
>
> Radim
>
> On Wed, Dec 9, 2009 at 10:58 PM, Nicolas de Pesloüan
> <nicolas.2p.debian@free.fr> wrote:
>> Radim Roska wrote:
>>> Hi,
>> Hi Radim,
>>
>>> few weeks ago I asked question that was probably not interesting for you.
>>>
>>> Now ill put it differently.
>>>
>>> 2 computers - VPC and HOST
>>> VPC has 2 eth0 and eth1 interfaces (on host tap1 and tap2)
>>> HOST has 1 tap (tap0)
>>>
>>> HOST has br0 where tap0 and tap1 are bound
>>> VPC has br0 where eth0 and eth1 are bound
>>>
>>> tap1 has ip
>>> br0 on VPC has ip
>> Here is what I understand from your last post:
>>
>> +----------------HOST-----------------------------+
>> | |
>> | ???? --tap0--+ |
>> | | |
>> | | |
>> | +--br0 |
>> | +-----VPC-------------------+ | |
>> | | | | |
>> | | +--eth0--|--tap1--+ ip here |
>> | | ip here br0--+ | |
>> | | +--eth1--|--tap2 |
>> | | | |
>> | +---------------------------+ |
>> | |
>> +-------------------------------------------------+
>>
>> Can you confirm ? Please extend and possibly fix this ascii art to include you whole setup.
>>
>> If this is correct, then, the first possible problem comes from the fact that you should not put an ip on a member of a bridge but on the bridge itself. (br0 on HOST, not tap1 on HOST).
>>
>> Also, can you describe what you plan to do with tap2 on HOST and what process is managing the user-space side of tap0 on HOST ? Is it another VM ?
>>
>>> ping from VPC -> tap1:
>>>
>>> __ratelimit: 32575 callbacks suppressed
>>> eth0: received packed with own address as source address
>>> eth0: received packed with own address as source address
>>> eth0: received packed with own address as source address
>>> ...
>>>
>>> infinity loop stopped by command to turn on stp on VPC. This blocks eth0 -> port connected to bridge on HOST.
>>>
>>> No more problem with loop and VPC can actually ping HOST. Probably using eth1 which is not connected anywhere.
>>>
>>> So I assume that once packet is somewhere on a tap interface in the HOST. Thus its not possible to do little complicated network because all taps create a loop no matter how user connects them in bridges...is that right?
>> It is possible to do complicated network using VM and tap devices. Several tap devices are not leaking between them. But, if your configuration end up with two bridges face to face (one in the VM and one in the HOST) with two links between them, then you must enable stp on both bridge, in order to allow the bridges to detect and "fix" the loop.
>>
>> 'hope this help.
>>
>> Nicolas.
>>
>>> I've lost big amount of time trying to make this working...so please make sure i dont lost even more :))
>>>
>>> Thanks
>>> Radim
>>>
>>>
>>>
>>> On Mon, Nov 23, 2009 at 11:12 PM, Radim Roska <radim.roska@gmail.com <mailto:radim.roska@gmail.com>> wrote:
>>>
>>> Hello,
>>>
>>> I have this very uncommon situation :). My diploma thesis will
>>> probably be playing with linux kernel in various networks. Currently
>>> I have little free time and limited computer resources -> only one
>>> laptop :). But I would like to do some profiling of kernel
>>> particularly of bridging part. For that i need network.
>>>
>>> So i have 2 virtual machines VPC1 and VPC2 (running debian)
>>>
>>> HOST - VPC1 - VPC2
>>>
>>> VPC1 should act as bridge.
>>> HOST: tap0 interface
>>> VPC1:
>>> eth0 ~ tap1 on host
>>> eth1 ~ tap2 on host
>>> VPC2:
>>> eth0 ~ tap3 on host
>>>
>>> how to connect it? :) Well tap0 - tap1 is in br0 on host and tap2 +
>>> tap3 is on br1.
>>>
>>> VPC1 than has eth0 and eth1 in bridge also :).
>>>
>>> I know..it looks strange..but i thought its simplest :).
>>>
>>> But:
>>>
>>> 1) although VPC2 is connected through br1 that has connection only
>>> with tap2=eth1 on VPC1..I can ping anything even when VPC1 has all
>>> interfaces down
>>>
>>> 2) i dont see any loop in my "network" but anyway once i turn on
>>> br0 without stp on VPC1, i got quite a serious perf problem -
>>> little storm i guess:).
>>> starting stp solves storm but disables eth0
>>> [ 3839.200640] br0: starting userspace STP failed, starting kernel STP
>>> [ 3839.201388] br0: topology change detected, sending tcn bpdu
>>> [ 3839.202117] br0: port 2(eth0) entering blocking state
>>>
>>> i does not matter if i have stp on HOST's br0/br1
>>>
>>> If someone would have time to help me with that I'll be very happy
>>> :). Its possible Im trying approach that is doomed to fail because i
>>> dont know/understsand something.
>>>
>>> Cheers,
>>> Radim
>>>
>>>
>>>
>>>
>>> --
>>> Radim Roška
>>>
>>>
>>> ------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> Bridge mailing list
>>> Bridge@lists.linux-foundation.org
>>> https://lists.linux-foundation.org/mailman/listinfo/bridge
>
>
>
> --
> Radim Roška
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2009-12-12 16:56 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-12-05 12:11 [Bridge] how bridge interacts with tap ifaces? Radim Roska
2009-12-05 18:29 ` Nicolas de Pesloüan
[not found] ` <aa3710a80912060352p4848bc64xea6961d271877924@mail.gmail.com>
2009-12-06 11:54 ` Radim Roska
2009-12-09 21:58 ` Nicolas de Pesloüan
2009-12-12 15:23 ` Radim Roska
2009-12-12 16:56 ` Nicolas de Pesloüan
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox