[Bug 587129] New: Unable to configure bridge over vlan
http://bugzilla.novell.com/show_bug.cgi?id=587129 http://bugzilla.novell.com/show_bug.cgi?id=587129#c0 Summary: Unable to configure bridge over vlan Classification: openSUSE Product: openSUSE 11.2 Version: Final Platform: x86-64 OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: romain.pelissier@gmail.com QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6.4; NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1; MS-RTC LM 8) I am trying to configure my opensuse 11.2 Xen server pretty much the same way we configure our SLES server at work. As a good protice, our SLES 10 SP2 boxes are configured like this: eth0 |-bonding->vlan->bridge eth1 On my box I don't use bonding so I have tried eth0 -> vlan -> bridge And it does not work at all. eth0 -> vlan2 works (vlan attached to eth0) eth0 -> br0 works (bridge attached to eth0) but as soon as I try to attached the bridge to the vlan interface, it fail (I can't ping the gateway) Reproducible: Always Steps to Reproduce: 1. Install opensuse 11.2 with xen 2. Configure vlanx to use eth0 3. configure brdge br0 to use vlan interface Actual Results: No ping to the gateway I don't know if it is a bug. But I could be very nice if I could have some information about why this setup does not work in OS 11.2 even if it works on a SLES 10 SP2 box. I classify this bug as major for now -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=587129 http://bugzilla.novell.com/show_bug.cgi?id=587129#c yang xiaoyu <xyyang@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |xyyang@novell.com AssignedTo|bnc-team-screening@forge.pr |mt@novell.com |ovo.novell.com | -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=587129 http://bugzilla.novell.com/show_bug.cgi?id=587129#c1 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |romain.pelissier@gmail.com OS/Version|Other |openSUSE 11.2 --- Comment #1 from Marius Tomaschewski <mt@novell.com> 2010-03-12 12:20:10 UTC --- It works fine here. I've tested it just now -- it is not possible to create a bridge on top of a vlan interface in yast2 on 11.2 so you may have to create it on top of eth0 and fix manually to use vlan. Here the config I've used: === ifcfg-eth1 === BOOTPROTO='none' BROADCAST='' ETHTOOL_OPTIONS='' IPADDR='' MTU='' NAME='MCP55 Ethernet' NETMASK='' NETWORK='' REMOTE_IPADDR='' STARTMODE='auto' USERCONTROL='no' === ifcfg-vlan42 === BOOTPROTO='none' BROADCAST='' ETHERDEVICE='eth1' ETHTOOL_OPTIONS='' IPADDR='' MTU='' NAME='' NETMASK='' NETWORK='' REMOTE_IPADDR='' STARTMODE='auto' USERCONTROL='no' === ifcfg-br42 === NAME='Bridge on vlan42' STARTMODE='auto' USERCONTROL='no' BOOTPROTO='static' IPADDR='192.168.42.1/24' MTU='' BRIDGE='yes' BRIDGE_PORTS='vlan42' BRIDGE_STP='off' BRIDGE_FORWARDDELAY='0' BRIDGE_HELLOTIME='1' BRIDGE_MAXAGE='4' To start it, use "rcnetwork restart" or also: rcnetwork start eth1 rcnetwork start vlan42 rcnetwork start br42 BTW: When you need multiple vlan interfacces with same ID, you just need to rename the ifcfg files and adopt the bridge config. In the above case the steps would be: mv ifcfg-vlan42 ifcfg-eth1.42 sed -e 's/vlan42/eth1.42/g' -i ifcfg-br42 Note: The $iface.$vlan scheme is currently not supported in yast2. Would you test the configs above please? Don't forget to adopt the firewall settings :-) When it still does not work for you, please provide the relevant /etc/sysconfig/network/ifcfg-* files + the "ip addr show" output. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=587129 http://bugzilla.novell.com/show_bug.cgi?id=587129#c2 --- Comment #2 from Romain Pelissier <romain.pelissier@gmail.com> 2010-03-15 14:19:20 UTC --- Hi, Thanks for the tips. All is working perfectly now, in fact it is totally my fault: I didn't know that I could tag a vlan without giving the vlan interface an ip address. My mistake was to give the vlan interface an ip adress and not the bridge interface. Sounds perfectly logic now: eth0 (no config) | vlan2 (no config but 'bonded' with eth0) | br2 (ip adress is set here with and 'bonded' to vlan2) The tab is applied the way it should and all VMs can talk with the dom0 bridge. The bug report can be closed. Thank you very much for your help (put the generic of the little house on the prairie here). Romain -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=587129 http://bugzilla.novell.com/show_bug.cgi?id=587129#c3 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|romain.pelissier@gmail.com | AssignedTo|mt@novell.com |mzugec@novell.com OS/Version|openSUSE 11.2 |openSUSE 11.3 Severity|Major |Enhancement --- Comment #3 from Marius Tomaschewski <mt@novell.com> 2010-03-15 15:53:16 UTC --- OK, thanks for the feedback! I reassign it as enhancement for yast2-network to allow vlan interfaces as bridge ports on 11.3. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=587129 http://bugzilla.novell.com/show_bug.cgi?id=587129#c4 Michal Zugec <mzugec@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |mt@novell.com --- Comment #4 from Michal Zugec <mzugec@novell.com> 2010-03-15 16:55:28 UTC --- Is it duplicate of bnc#569970? I'm a bit confusing from eth0->vlan2->br2 order -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=587129 http://bugzilla.novell.com/show_bug.cgi?id=587129#c5 Marius Tomaschewski <mt@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW CC| |mt@novell.com Info Provider|mt@novell.com | --- Comment #5 from Marius Tomaschewski <mt@novell.com> 2010-03-16 08:05:13 UTC --- (In reply to comment #4)
Is it duplicate of bnc#569970?
Well, it's another way around there: eth0->br0->vlan0 | +-->vif's In this scenario, you add vlan on top of the bridge, what allows the host/dom0 to communicate with a vlanX [vlan id 0 is a special case] and with non-tagged interfaces directly via br0. Every virtual machine has to use own vlan interface to send vlan tagged frames.
I'm a bit confusing from eth0->vlan2->br2 order
eth0->vlan2->br0 | +-->vif's A vlan interface is basically a filter, that filters out all incomming traffic that is not marked with the VLAN id and marks all traffic it sends to the physical interface. This scenario causes that any frame send out by the bridge via vlan2(->eth0) is tagged with vlan ID 2 and the bridge receives only vlan 2 tagged traffic via its (eth0->)vlan2 port. That is, all VM's / vif's can communicate with dom0 without any vlan tag using the normal br0 interface. Because the vlan interface tags all traffic going out via eth0, all dom0 _and_ vif's traffic going to the e.g. switch behind eth0 is tagged. The domU'd don't even know that this happens and don't need any vlan interface themself. Michal, please consider also the scenario with multiple vlan id 2 interfaces (note, the ethX.Y scheme is already _used_ by the initrd on SLE-11-SP1 !!): * eth0 -> eth0.2 == vlan id 2 on eth0 ifcfg-eth0.2 ETHERDEVICE='eth0' * eth1 -> eth1.2 == vlan id 2 on eth1 ifcfg-eth1.2 ETHERDEVICE='eth1' Identify vlan interfaces as follows: if test -d /sys/class/net/$IF ; then # interface exists test -f /proc/net/vlan/$IF && \ TYPE=vlan else # config only grep -qs ETHERDEVICE= /etc/sysconfig/network/ifcfg-$IF && \ TYPE=vlan fi See also "man ifcfg-vlan". -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=587129 http://bugzilla.novell.com/show_bug.cgi?id=587129#c6 Michal Zugec <mzugec@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #6 from Michal Zugec <mzugec@novell.com> 2010-04-13 11:12:26 UTC --- fixed in yast2-network-2.17.134 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com