| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 02 Feb 2011 11:19:45 +0100 From: Nicolas de Pesloüan <nicolas.2p.debian@...il.com> To: Jay Vosburgh <fubar@...ibm.com>, Jiri Bohac <jbohac@...e.cz> CC: "bonding-devel@...ts.sourceforge.net" <bonding-devel@...ts.sourceforge.net>, "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: Re: Bonding on bond Le 29/01/2011 01:38, Jay Vosburgh a écrit : > Nicolas de Pesloüan<nicolas.2p.debian@...il.com> wrote: [snip] >> However, the ingress path doesn't work at all. bond0 is unable to receive any packets (ARP or IP). > > In light of this, I don't see a problem with disallowing nesting > of bonds. It should be documented in bonding.txt. Ok, I will do that. Jiri, any trouble with me stealing your patch (code) and adding the documentation update part? Or do you prefer to do it yourself? [snip] >> That being said, we still miss a way to achieve a simple configuration >> with several links doing load balancing to a switch and one or several >> links doing fail over to another switch, both switches *not* being 802.3ad >> capable. > > This is a harder problem, but it's something that doesn't work > today (and I suspect hasn't for a long time, so if somebody was using > this, I think there would have been some discussion). In the mean time, I will state in the documentation that: - nesting is not allowed. - only the above particular setup would possibly require nesting. - this can be achieve using 802.3ad mode, connected to 802.3ad capable switches. >> Should we arrange for bonding to be allowed to nest, for this purpose, or >> should we find a way to setup this configuration with a single level of >> bonding ? I would prefer the second, but... > > I'm not sure that either is necessary; 802.3ad will do this > today, and few current production switches lack 802.3ad support. > > Adding support for etherchannel (i.e., not 802.3ad) gang > failover is nontrivial, because the multiple etherchannel port groups > will have to be managed separately, and most likely assigned manually. > Sure, it'd be nice to have, but I'm not sure if it's a benefit worth the > effort. I'm far from a 802.3ad (802.1AX) specialist, but... wouldn't it be possible to force the aggregator by hand, for every slaves, to achieve the same effect as receiving LACPDU, when connected to non 802.3ad capable switches? echo 802.3ad > /sys/class/net/bond0/bonding/mode echo +eth0 > /sys/class/net/bond0/bonding/slaves echo +eth1 > /sys/class/net/bond0/bonding/slaves echo +eth2 > /sys/class/net/bond0/bonding/slaves echo 1 > /sys/class/net/bond0/bonding/ad_aggregator_eth0 # those sysfs entries to be created... echo 1 > /sys/class/net/bond0/bonding/ad_aggregator_eth1 echo 2 > /sys/class/net/bond0/bonding/ad_aggregator_eth2 > Either way, for now, since I recall you mentioned in another > email that you'd crashed the system from nesting bonds, I don't see a > problem with disallowing nesting and updating the documentation with a > bit of this discussion (e.g., "nesting doesn't work, you're probably > trying to do gang failover, which 802.3ad already does for you"). Thanks. Nicolas. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists