lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 28 Jul 2014 10:32:47 -0700
From:	Jay Vosburgh <jay.vosburgh@...onical.com>
To:	Dmitry Krivenok <krivenok.dmitry@...il.com>
cc:	netdev@...r.kernel.org, willy@...a-x.org, const-g@...rt.com,
	girouard@...ibm.com, ctindel@...e.org, mitch.a.williams@...el.com
Subject: Re: Question about 802.3ad bonding mode.

Dmitry Krivenok <krivenok.dmitry@...il.com> wrote:

>Hello,
>I have two physical NICs bonded into bond0 interface with bonding
>mode=4 (i,e, 802.3ad).
>Both NICs are connected to the same switch and switch ports are *not*
>configured in "lacp" mode.
[...]
>I have IP address configured on bond0 and from what I see it's fully
>working. I can ping it from various hosts, I can ssh to that host,
>etc. From user perspective it works just fine except that there is no
>LAG...
>
>Is that correct behavior of dynamic link aggregation via LACP?
>Shouldn't it be configuration error? Is it 802.1ax compliant?

	Your system is behaving correctly; there is a backwards
compatibility mechanism in the standard.

	Essentially, if there is no LACPDU exchange, the affected links
are marked as "Individual" (as opposed to "Aggregatable"), which means
that those links become members of an aggregator with exactly one
member: that link.

	Then, when the active aggregator to use for traffic is selected,
if all links are Individual, then one of those is selected, and there is
then one link that works for communication with the partner system.

	This is done intentionally to permit communication from a system
configured for LACP to a system that is not so configured.

	This is mentioned at a high level in IEEE 802.1AX section 5.1.2
(j), the Individual vs Aggregatable is in 5.3.5 and 5.3.6, the treatment
of Individual links is in 5.3.9, and 5.4.12 says, in part:

	If no LACPDU is received before the current_while timer expires
	again, the state machine transits to the DEFAULTED state. [...]
	This allows configuration of aggregations and individual links
	when no protocol Partner is present, while still permitting an
	active Partner to override default settings.  [...]

	-J

---
	-Jay Vosburgh, jay.vosburgh@...onical.com
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ