[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4937D494.8080202@trash.net>
Date: Thu, 04 Dec 2008 14:01:08 +0100
From: Patrick McHardy <kaber@...sh.net>
To: Mark Smith <ipng@...06e6720323030352d30312d31340a.nosense.org>
CC: netdev@...r.kernel.org
Subject: Re: Is it valid to add a macvlan virtual interface to a bridge? If
so, there seems to be a bug with it.
Mark Smith wrote:
> Hi,
>
> Is it valid to add a macvlan interface to a bridge? I've been having
> some trouble with inbound unicast traffic not being forwarded into or
> across the bridge, yet inbound broadcast or outbound unicast traffic
> being delivered across the bridge correctly.
>
> My setup has been as follows:
>
> o One physical ethernet interface, purely used to "host" macvlan
> interfaces i.e. no IP address, not added to the bridge.
>
> o Quite a number of macvlan interfaces (I've found the limit of
> 99 :-) ).
Actually there's no limit of 99. The only limiting factor is
the hash size off 256.
> o Most of those macvlan interfaces are used by individual
> instances of roaring penguin pppoe-server. This has worked fine.
>
> o One of the macvlan interfaces is in a bridge instance, with the
> other interface in the bridge being a tap interface. Attached to the
> tap interface is guest virtual host, also running a pppoe server.
>
> This bridged macvlan setup seemed to be working ok, as I was seeing
> incoming broadcast traffic and outgoing unicast traffic. My full setup
> wasn't working correctly, so I spent quite a bit of time investigating
> other possible causes. I finally came back around to the bridged macvlan
> interface, and then noticed that only incoming unicast traffic wasn't
> being bridged/forwarded to the device behind the tap interface.
> Bridging the tap interface with another real physical interface resolved
> the issue.
>
> I've had a look at the dev.c file in 2.6.27, and my very naive guess
> is that as the handle_bridge() call is before the handle_macvlan() call,
> because the incoming real physical interface is not part of the bridge,
> the incoming unicast packet is being dropped, before the macvlan code
> gets a look at it.
Yes, that seems correct.
> Should what I'm doing be working or possible? If not, could something
> be added to the kernel to prevent macvlan interfaces being added to
> bridge instances, to stop other people spending time trying to do what
> I've tried to do?
Unfortunately one of both combinations will not work, no matter
what we do. The bridge code could issue a warning when adding
a bridge on top of a macvlan device, but there's no clean indication
that something is a macvlan device besides dev->rtnl_link_ops->kind
being "macvlan".
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists