Re: [lxc-users] Containers have network issues when their host uses a bonded interface
On 09/10/2015 07:57 PM, Fajar A. Nugraha wrote: If I read the bug report correctly, it's not moved to lxc. Rather, KVM is not required to reproduce it, using lxc is enough to trigger the bug. Using KVM will of course still trigger the bug as well. Sorry, I didn't mean the bug was moved to lxc, I just meant the discussion moved to lxc. Since we've been using KVM for years though and have never seen this issue, my guess is that it may have been fixed for KVM. Probably because not many people use balance-rr. Mission-critical setups would use 802.3ad (with suitable switches), while beginners would mostly stick with active-backup. We use balance-alb (mode 5) of course so we can get more bandwidth in our transmit pipe. We install our software in generic environments and cannot rely on the customer having special switches. This means mode 5 is the best option for us, although we support mode 6 (balance-alb) installs as well. Since the original bug report is quite old, and you're not using ubuntu, I suggest you: - try latest kernel, to make sure the bug still exists there (e.g. using 4.2 from http://elrepo.org/tiki/kernel-ml) - file a bug report to centos and/or linux kernel maintainers I tried the 4.2 kernel and the problem appears to be fixed in this kernel for my LXC tests--the arp tables update properly with this kernel. CentOS 7.1 is running kernel 3.10. Not sure what the QA folks here will think about using the 4.2 kernel to fix this issue... ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Containers have network issues when their host uses a bonded interface
On 09/10/2015 11:14 PM, Guido Jäkel wrote: * Is even LXC not needed to reproduce the issue but just a bridge on a bound and some other devices? I have not been able to reproduce the problem except between containers running on different hosts. Behavior is the same for lxc and libvirt-lxc. * Did this issue appear if you use a higher MAC prefix than 64:... for the veths? I did try this, using 54:C0:xx:xx:xx:xx for my mac addresses. It did not help. May you dump the arp traffic (maybe together with icmp) on the host? I'm interested in what happens in/around moment the gateway is pinged! On the bridge, did you set forward delay to 0, a low hello intervall (e.g. 1s) and turn on STP? I tried stp on and off, as well as setting a delay to 0 and sleep to 1. No luck. If I pre-populate everyone's arp tables, this solves the problem, but that's not a practical solution. ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Containers have network issues when their host uses a bonded interface
Greetings, Peter Steele! >> * Is even LXC not needed to reproduce the issue but just a bridge on a bound >> and some other devices? > I have not been able to reproduce the problem except between containers > running on different hosts. Behavior is the same for lxc and libvirt-lxc. >> * Did this issue appear if you use a higher MAC prefix than 64:... for the >> veths? > I did try this, using 54:C0:xx:xx:xx:xx for my mac addresses. It did not > help. >> May you dump the arp traffic (maybe together with icmp) on the host? I'm >> interested in what happens in/around moment the gateway is pinged! >> >> On the bridge, did you set forward delay to 0, a low hello intervall (e.g. >> 1s) and turn on STP? >> > I tried stp on and off, as well as setting a delay to 0 and sleep to 1. > No luck. > If I pre-populate everyone's arp tables, this solves the problem, but > that's not a practical solution. So, have you tried getting rid of the bridge in first place? -- With best regards, Andrey Repin Friday, September 11, 2015 22:07:57 Sorry for my terrible english... ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Containers have network issues when their host uses a bonded interface
On 09/11/2015 12:08 PM, Andrey Repin wrote: So, have you tried getting rid of the bridge in first place? The problem isn't the bridge per se, it's the bond mode. If I use active-backup the veth->bridge->bond path from container to container works as expected. Bond modes using load balancing on the bond though cause problems. Would removing the bridge from this scenario solve the problem. How can a container be configured without bridging and be able to get to a container on another host? ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
