Re: [ovs-discuss] Strange behaviour with VLANs and Bridges and ARP.
So as of right now, this is in effect on Kernel 4.12.4-1.g2a27bf2-default on OpenSUSE 42.3 (Using the Kernel:stable branch because some other apps require it) on every system with a vswitch called lan attached to a vswitch called br0 where the vswitch lan is the main access point to the rest of the network. I haven't tried any other configurations. That said, the only temporary solution I've found is to have a systemd timer trigger a gratuitious arp every minute or so, so that anybody *waiting* for an arp response will get notified where the host is and be able to finish the mount, ping, etc. when the gratuitous arp comes in. On Wed, Aug 9, 2017 at 4:36 PM, Schlacta, Christopher wrote: > My configuration looks like this: > > > Smart switch --on shelf. > --- br0 --on density <-- Inbound ARP requests for 'lan' IP appear here. > --- --- lan --on density, assigned vlan 10, lan IP <-- Inbound ARP > requests for 'lan' IP DO NOT appear here. No response is sent. > ---br0 --on densetsu > --- ---lan --on densetsu, Assigned vlan 10 > > Additionally, any other PC on vlan 10 is unable to ping into density > or densetsu until the respective destination pings out to the > respective origin. After the client has it's ARP table populated, all > communication flows seamlessly. > > Furthermore, the "lan" interfaces always have different MAC addresses > and reject manual MAC assignments from wicked. (Open suse server > network management system), so I can't just pre-fill ethers file on > the various client systems. > > > > On Wed, Aug 9, 2017 at 7:54 AM, Blue Lang wrote: >> The only place I've seen this is with VMWARE vswitch not forwarding ARP on >> ESX. That doesn't sound like it's any part of your issue. >> >> When you say "smart switch using openvswitch," what do you mean exactly? >> >> Thanks, >> >> On Tue, Aug 8, 2017 at 11:44 PM, Ricky wrote: >>> >>> I have run into a similar problem myself and have not found the solution. >>> The ARP traffic from one direction makes it to OVS, but does not get sent to >>> device it needs to go to. It my case OVS pretty much isn't sending any ARP >>> packets out from itself except to the other OVS instances I have a GRE >>> tunnel with. I'm running version 2.5.0. >>> >>> Please let me know if you made any progress on your issue. >>> >>> >>> On 08/07/2017 07:19 PM, Schlacta, Christopher wrote: Ping. Anybody? Hello? On Wed, Aug 2, 2017 at 10:32 PM, Schlacta, Christopher wrote: > > So this is a bit hard to explain, but I hope you'll follow. I have > two hosts, density and densetsu. they each host VMs and CEPH nodes > using libvirt and ceph and they're connected to a smart switch using > openvswitch and there are a bunch of VLANs. 5, 6, 10, 20, and 30. > Most "normal" traffic goes along VLAN 10. That's just the LAN VLAN. > So here's what the ovs-vsctl show looks like on each host: > > > density: > aarcane@density:~$ sudo ovs-vsctl show > YubiKey for `aarcane': > f2ae0266-6cae-44f0-8ca5-9d6f66562ff4 > Bridge "br0" > Port lan > tag: 10 > Interface lan > type: internal > Port "vnet0" > trunks: [5, 6, 10, 20, 30] > Interface "vnet0" > Port "eth1" > Interface "eth1" > Port "vnet1" > trunks: [5, 6, 10, 20, 30] > Interface "vnet1" > Port "br0" > Interface "br0" > type: internal > ovs_version: "2.7.0" > > > densetsu: > aarcane@densetsu:~$ sudo ovs-vsctl show > 2d6843ee-2bb6-48b8-a979-ba7f64bf5ebc > Bridge "br0" > Port "eth0" > Interface "eth0" > Port lan > tag: 10 > Interface lan > type: internal > Port "br0" > Interface "br0" > type: internal > ovs_version: "2.7.0" > > > The problem is when I try to ping the opposite machine (densetsu to > density or vice versa), the ARP packets get sent with appropriate > information through BR0 and out the eth device all tagged with VLAN > 10, but the *inbound* arp packet is never sent to the lan interface. > I see it at the br0 and the eth interface, but not the destination > host's lan interface. Furthermore, the destination never seems to see > this or respond to it, so it's then impossible for the to initiate > contact without adding entries to the ethers file. > > This is well and good, but it also means that other systems on the > network also cannot connect to them for purposes of administration and > management, and this is very problematic. > > I've not made any changes to openflow. They've been able to > communicate with each other for a long time. Th
Re: [ovs-discuss] Strange behaviour with VLANs and Bridges and ARP.
My configuration looks like this: Smart switch --on shelf. --- br0 --on density <-- Inbound ARP requests for 'lan' IP appear here. --- --- lan --on density, assigned vlan 10, lan IP <-- Inbound ARP requests for 'lan' IP DO NOT appear here. No response is sent. ---br0 --on densetsu --- ---lan --on densetsu, Assigned vlan 10 Additionally, any other PC on vlan 10 is unable to ping into density or densetsu until the respective destination pings out to the respective origin. After the client has it's ARP table populated, all communication flows seamlessly. Furthermore, the "lan" interfaces always have different MAC addresses and reject manual MAC assignments from wicked. (Open suse server network management system), so I can't just pre-fill ethers file on the various client systems. On Wed, Aug 9, 2017 at 7:54 AM, Blue Lang wrote: > The only place I've seen this is with VMWARE vswitch not forwarding ARP on > ESX. That doesn't sound like it's any part of your issue. > > When you say "smart switch using openvswitch," what do you mean exactly? > > Thanks, > > On Tue, Aug 8, 2017 at 11:44 PM, Ricky wrote: >> >> I have run into a similar problem myself and have not found the solution. >> The ARP traffic from one direction makes it to OVS, but does not get sent to >> device it needs to go to. It my case OVS pretty much isn't sending any ARP >> packets out from itself except to the other OVS instances I have a GRE >> tunnel with. I'm running version 2.5.0. >> >> Please let me know if you made any progress on your issue. >> >> >> On 08/07/2017 07:19 PM, Schlacta, Christopher wrote: >>> >>> Ping. Anybody? Hello? >>> >>> On Wed, Aug 2, 2017 at 10:32 PM, Schlacta, Christopher >>> wrote: So this is a bit hard to explain, but I hope you'll follow. I have two hosts, density and densetsu. they each host VMs and CEPH nodes using libvirt and ceph and they're connected to a smart switch using openvswitch and there are a bunch of VLANs. 5, 6, 10, 20, and 30. Most "normal" traffic goes along VLAN 10. That's just the LAN VLAN. So here's what the ovs-vsctl show looks like on each host: density: aarcane@density:~$ sudo ovs-vsctl show YubiKey for `aarcane': f2ae0266-6cae-44f0-8ca5-9d6f66562ff4 Bridge "br0" Port lan tag: 10 Interface lan type: internal Port "vnet0" trunks: [5, 6, 10, 20, 30] Interface "vnet0" Port "eth1" Interface "eth1" Port "vnet1" trunks: [5, 6, 10, 20, 30] Interface "vnet1" Port "br0" Interface "br0" type: internal ovs_version: "2.7.0" densetsu: aarcane@densetsu:~$ sudo ovs-vsctl show 2d6843ee-2bb6-48b8-a979-ba7f64bf5ebc Bridge "br0" Port "eth0" Interface "eth0" Port lan tag: 10 Interface lan type: internal Port "br0" Interface "br0" type: internal ovs_version: "2.7.0" The problem is when I try to ping the opposite machine (densetsu to density or vice versa), the ARP packets get sent with appropriate information through BR0 and out the eth device all tagged with VLAN 10, but the *inbound* arp packet is never sent to the lan interface. I see it at the br0 and the eth interface, but not the destination host's lan interface. Furthermore, the destination never seems to see this or respond to it, so it's then impossible for the to initiate contact without adding entries to the ethers file. This is well and good, but it also means that other systems on the network also cannot connect to them for purposes of administration and management, and this is very problematic. I've not made any changes to openflow. They've been able to communicate with each other for a long time. This change happened with a recent kernel upgrade. Not sure how to fix it or if it's a bug. Again, note: All IP traffic seems to work fine. ICMP works without issue, TCP, etc. It's only the ARP protocol that seems to not be passing inward when it should be. >>> >>> ___ >>> discuss mailing list >>> disc...@openvswitch.org >>> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss >> >> >> >> ___ >> discuss mailing list >> disc...@openvswitch.org >> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss > > > > > -- > Blue Lang > PM | Veracity > > 3423 Piedmont Rd NE > > Suite 350 > > Atlanta, GA 30305 > > Cell: (770) 265-1381 > https://www.linkedin.com/in/bluelang/ > b...@veracity.io > www.veracity
Re: [ovs-discuss] Strange behaviour with VLANs and Bridges and ARP.
The only place I've seen this is with VMWARE vswitch not forwarding ARP on ESX. That doesn't sound like it's any part of your issue. When you say "smart switch using openvswitch," what do you mean exactly? Thanks, On Tue, Aug 8, 2017 at 11:44 PM, Ricky wrote: > I have run into a similar problem myself and have not found the solution. > The ARP traffic from one direction makes it to OVS, but does not get sent > to device it needs to go to. It my case OVS pretty much isn't sending any > ARP packets out from itself except to the other OVS instances I have a GRE > tunnel with. I'm running version 2.5.0. > > Please let me know if you made any progress on your issue. > > > On 08/07/2017 07:19 PM, Schlacta, Christopher wrote: > >> Ping. Anybody? Hello? >> >> On Wed, Aug 2, 2017 at 10:32 PM, Schlacta, Christopher >> wrote: >> >>> So this is a bit hard to explain, but I hope you'll follow. I have >>> two hosts, density and densetsu. they each host VMs and CEPH nodes >>> using libvirt and ceph and they're connected to a smart switch using >>> openvswitch and there are a bunch of VLANs. 5, 6, 10, 20, and 30. >>> Most "normal" traffic goes along VLAN 10. That's just the LAN VLAN. >>> So here's what the ovs-vsctl show looks like on each host: >>> >>> >>> density: >>> aarcane@density:~$ sudo ovs-vsctl show >>> YubiKey for `aarcane': >>> f2ae0266-6cae-44f0-8ca5-9d6f66562ff4 >>> Bridge "br0" >>> Port lan >>> tag: 10 >>> Interface lan >>> type: internal >>> Port "vnet0" >>> trunks: [5, 6, 10, 20, 30] >>> Interface "vnet0" >>> Port "eth1" >>> Interface "eth1" >>> Port "vnet1" >>> trunks: [5, 6, 10, 20, 30] >>> Interface "vnet1" >>> Port "br0" >>> Interface "br0" >>> type: internal >>> ovs_version: "2.7.0" >>> >>> >>> densetsu: >>> aarcane@densetsu:~$ sudo ovs-vsctl show >>> 2d6843ee-2bb6-48b8-a979-ba7f64bf5ebc >>> Bridge "br0" >>> Port "eth0" >>> Interface "eth0" >>> Port lan >>> tag: 10 >>> Interface lan >>> type: internal >>> Port "br0" >>> Interface "br0" >>> type: internal >>> ovs_version: "2.7.0" >>> >>> >>> The problem is when I try to ping the opposite machine (densetsu to >>> density or vice versa), the ARP packets get sent with appropriate >>> information through BR0 and out the eth device all tagged with VLAN >>> 10, but the *inbound* arp packet is never sent to the lan interface. >>> I see it at the br0 and the eth interface, but not the destination >>> host's lan interface. Furthermore, the destination never seems to see >>> this or respond to it, so it's then impossible for the to initiate >>> contact without adding entries to the ethers file. >>> >>> This is well and good, but it also means that other systems on the >>> network also cannot connect to them for purposes of administration and >>> management, and this is very problematic. >>> >>> I've not made any changes to openflow. They've been able to >>> communicate with each other for a long time. This change happened >>> with a recent kernel upgrade. Not sure how to fix it or if it's a >>> bug. Again, note: All IP traffic seems to work fine. ICMP works >>> without issue, TCP, etc. It's only the ARP protocol that seems to not >>> be passing inward when it should be. >>> >> ___ >> discuss mailing list >> disc...@openvswitch.org >> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss >> > > > ___ > discuss mailing list > disc...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-discuss > -- Blue Lang PM *| *Veracity 3423 Piedmont Rd NE Suite 350 Atlanta, GA 30305 Cell: (770) 265-1381 <+17702651381> https://www.linkedin.com/in/bluelang/ b...@veracity.io www.veracity.io ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] Strange behaviour with VLANs and Bridges and ARP.
I have run into a similar problem myself and have not found the solution. The ARP traffic from one direction makes it to OVS, but does not get sent to device it needs to go to. It my case OVS pretty much isn't sending any ARP packets out from itself except to the other OVS instances I have a GRE tunnel with. I'm running version 2.5.0. Please let me know if you made any progress on your issue. On 08/07/2017 07:19 PM, Schlacta, Christopher wrote: Ping. Anybody? Hello? On Wed, Aug 2, 2017 at 10:32 PM, Schlacta, Christopher wrote: So this is a bit hard to explain, but I hope you'll follow. I have two hosts, density and densetsu. they each host VMs and CEPH nodes using libvirt and ceph and they're connected to a smart switch using openvswitch and there are a bunch of VLANs. 5, 6, 10, 20, and 30. Most "normal" traffic goes along VLAN 10. That's just the LAN VLAN. So here's what the ovs-vsctl show looks like on each host: density: aarcane@density:~$ sudo ovs-vsctl show YubiKey for `aarcane': f2ae0266-6cae-44f0-8ca5-9d6f66562ff4 Bridge "br0" Port lan tag: 10 Interface lan type: internal Port "vnet0" trunks: [5, 6, 10, 20, 30] Interface "vnet0" Port "eth1" Interface "eth1" Port "vnet1" trunks: [5, 6, 10, 20, 30] Interface "vnet1" Port "br0" Interface "br0" type: internal ovs_version: "2.7.0" densetsu: aarcane@densetsu:~$ sudo ovs-vsctl show 2d6843ee-2bb6-48b8-a979-ba7f64bf5ebc Bridge "br0" Port "eth0" Interface "eth0" Port lan tag: 10 Interface lan type: internal Port "br0" Interface "br0" type: internal ovs_version: "2.7.0" The problem is when I try to ping the opposite machine (densetsu to density or vice versa), the ARP packets get sent with appropriate information through BR0 and out the eth device all tagged with VLAN 10, but the *inbound* arp packet is never sent to the lan interface. I see it at the br0 and the eth interface, but not the destination host's lan interface. Furthermore, the destination never seems to see this or respond to it, so it's then impossible for the to initiate contact without adding entries to the ethers file. This is well and good, but it also means that other systems on the network also cannot connect to them for purposes of administration and management, and this is very problematic. I've not made any changes to openflow. They've been able to communicate with each other for a long time. This change happened with a recent kernel upgrade. Not sure how to fix it or if it's a bug. Again, note: All IP traffic seems to work fine. ICMP works without issue, TCP, etc. It's only the ARP protocol that seems to not be passing inward when it should be. ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] Strange behaviour with VLANs and Bridges and ARP.
Ping. Anybody? Hello? On Wed, Aug 2, 2017 at 10:32 PM, Schlacta, Christopher wrote: > So this is a bit hard to explain, but I hope you'll follow. I have > two hosts, density and densetsu. they each host VMs and CEPH nodes > using libvirt and ceph and they're connected to a smart switch using > openvswitch and there are a bunch of VLANs. 5, 6, 10, 20, and 30. > Most "normal" traffic goes along VLAN 10. That's just the LAN VLAN. > So here's what the ovs-vsctl show looks like on each host: > > > density: > aarcane@density:~$ sudo ovs-vsctl show > YubiKey for `aarcane': > f2ae0266-6cae-44f0-8ca5-9d6f66562ff4 > Bridge "br0" > Port lan > tag: 10 > Interface lan > type: internal > Port "vnet0" > trunks: [5, 6, 10, 20, 30] > Interface "vnet0" > Port "eth1" > Interface "eth1" > Port "vnet1" > trunks: [5, 6, 10, 20, 30] > Interface "vnet1" > Port "br0" > Interface "br0" > type: internal > ovs_version: "2.7.0" > > > densetsu: > aarcane@densetsu:~$ sudo ovs-vsctl show > 2d6843ee-2bb6-48b8-a979-ba7f64bf5ebc > Bridge "br0" > Port "eth0" > Interface "eth0" > Port lan > tag: 10 > Interface lan > type: internal > Port "br0" > Interface "br0" > type: internal > ovs_version: "2.7.0" > > > The problem is when I try to ping the opposite machine (densetsu to > density or vice versa), the ARP packets get sent with appropriate > information through BR0 and out the eth device all tagged with VLAN > 10, but the *inbound* arp packet is never sent to the lan interface. > I see it at the br0 and the eth interface, but not the destination > host's lan interface. Furthermore, the destination never seems to see > this or respond to it, so it's then impossible for the to initiate > contact without adding entries to the ethers file. > > This is well and good, but it also means that other systems on the > network also cannot connect to them for purposes of administration and > management, and this is very problematic. > > I've not made any changes to openflow. They've been able to > communicate with each other for a long time. This change happened > with a recent kernel upgrade. Not sure how to fix it or if it's a > bug. Again, note: All IP traffic seems to work fine. ICMP works > without issue, TCP, etc. It's only the ARP protocol that seems to not > be passing inward when it should be. ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
