lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 8 May 2023 17:26:21 +0800
From: Hangbin Liu <liuhangbin@...il.com>
To: Jay Vosburgh <jay.vosburgh@...onical.com>
Cc: netdev@...r.kernel.org
Subject: Re: [Issue] Bonding can't show correct speed if lower interface is
 bond 802.3ad

On Fri, Apr 28, 2023 at 09:06:40AM -0700, Jay Vosburgh wrote:
> Hangbin Liu <liuhangbin@...il.com> wrote:
> 
> >A user reported a bonding issue that if we put an active-back bond on top of a
> >802.3ad bond interface. When the 802.3ad bond's speed/duplex changed
> >dynamically. The upper bonding interface's speed/duplex can't be changed at
> >the same time.
> >
> >This seems not easy to fix since we update the speed/duplex only
> >when there is a failover(except 802.3ad mode) or slave netdev change.
> >But the lower bonding interface doesn't trigger netdev change when the speed
> >changed as ethtool get bonding speed via bond_ethtool_get_link_ksettings(),
> >which not affect bonding interface itself.
> 
> 	Well, this gets back into the intermittent discussion on whether
> or not being able to nest bonds is useful or not, and thus whether it
> should be allowed or not.  It's at best a niche use case (I don't recall
> the example configurations ever being anything other than 802.3ad under
> active-backup), and was broken for a number of years without much
> uproar.
> 
> 	In this particular case, nesting two LACP (802.3ad) bonds inside
> an active-backup bond provides no functional benefit as far as I'm aware
> (maybe gratuitous ARP?), as 802.3ad mode will correctly handle switching
> between multiple aggregators.  The "ad_select" option provides a few
> choices on the criteria for choosing the active aggregator.
> 
> 	Is there a reason the user in your case doesn't use 802.3ad mode
> directly?

Hi Jay,

I just back from holiday and re-read you reply. The user doesn't add 2 LACP
bonds inside an active-backup bond. He add 1 LACP bond and 1 normal NIC in to
an active-backup bond. This seems reasonable. e.g. The LACP bond in a switch
and the normal NIC in another switch.

What do you think?

Thanks
Hangbin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ