FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 02-10-2012, 10:47 AM
Dennis Jacobfeuerborn
 
Default oops, or how to bring a datacenter router down with one setting

On 02/10/2012 12:54 AM, Bob Hoffman wrote:
> so I gave up on bonding.
> I found about 300 posts showing eth0 and eth1 both pointing to br0 (bridge)
> as interfaces.
> I followed them correctly, or so I thought.
> I pointed both ethx to the bridge, restarted network and bam...!!!

Bonding and bridging are completely different things. If you want to start
bonding then you should first start with simply bonding the two interfaces
and only once you got that going add the bridge and then add the bond0
device to it.

Regards,
Dennis
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-10-2012, 12:48 PM
Dennis Jacobfeuerborn
 
Default oops, or how to bring a datacenter router down with one setting

On 02/10/2012 11:18 AM, Tony Mountifield wrote:
> In article<4F345CD3.4060604@bobhoffman.com>,
> Bob Hoffman<bob@bobhoffman.com> wrote:
>> so I gave up on bonding.
>> I found about 300 posts showing eth0 and eth1 both pointing to br0 (bridge)
>> as interfaces.
>> I followed them correctly, or so I thought.
>> I pointed both ethx to the bridge, restarted network and bam...!!!
>>
>> entire ip block went out.
>>
>> [...]
>>
>> Feb 9 04:22:41 main kernel: __ratelimit: 100807 callbacks suppressed
>> Feb 9 04:22:41 main kernel: eth1: received packet with own address as
>> source address
>
> I think to do this you also need to be connected to a managed switch
> which supports interface bonding. You would have to tell it that the two
> switch ports are bonded to the same machine. That should prevent it from
> forwarding packets received on one of the ports out via the other port.
>
> The key phrase to look for appears to be "IEEE 802.3ad Dynamic Link
> Aggregation".

Yes, linux support LACP but it's just one of the possible bonding modes.
The other ones can work without special switch support i.e. "Active-backup"
only works with one port and the other only comes into play when the first
one fails.

Regards,
Dennis
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-10-2012, 12:54 PM
Bob Hoffman
 
Default oops, or how to bring a datacenter router down with one setting

---------------------------------------------------------
Dennis Jacobfeuerborn wrote
/Fri Feb 10 06:47:22 EST 2012/

On 02/10/2012 12:54 AM, Bob Hoffman wrote:
>/ so I gave up on bonding.
/>/ I found about 300 posts showing eth0 and eth1 both pointing to br0 (bridge)
/>/ as interfaces.
/>/ I followed them correctly, or so I thought.
/>/ I pointed both ethx to the bridge, restarted network and bam...!!!
/
Bonding and bridging are completely different things. If you want to start
bonding then you should first start with simply bonding the two interfaces
and only once you got that going add the bridge and then add the bond0
device to it.

Regards,
Dennis

-----------------------------------------------------------

Yea, I gave up on bonding, ended up just using eth1. But every tutorial
I found had added eth0 and eth1 as interfaces to br0, thus sharing the
bridge so to speak.
All the tutorials were for debian though, all the centos ones ended up
pointing each eth to a different cridge (br0 and br1)
So I tried it....bam, took down router in less than a second.

I did not add a domain= setting in the bridge though. With network
manager off completely I thought I would not need too.
Looking at the resolv.conf it was overwritten anyway and since no domain
was listed, it said
"search belkin"
search belkin

I assume that was the datacenters router....

I was not bonding at this time. I am wondering though why the network
manager overwrites resolv.conf if NM is off, all ifcfg files say
nm_controlled=no, and chkconfig NetworkManager off was run.

It is not that way on my 5.x, but I guess things change. I wonder if
that was messing my bond experiment up too without me knowing it.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-10-2012, 01:18 PM
 
Default oops, or how to bring a datacenter router down with one setting

Bob Hoffman wrote:
> Dennis Jacobfeuerborn wrote
> /Fri Feb 10 06:47:22 EST 2012/
>
> On 02/10/2012 12:54 AM, Bob Hoffman wrote:
>>/ so I gave up on bonding.
> />/ I found about 300 posts showing eth0 and eth1 both pointing to br0
> (bridge)
> />/ as interfaces.
> />/ I followed them correctly, or so I thought.
> />/ I pointed both ethx to the bridge, restarted network and bam...!!!
<snip>
>
> I was not bonding at this time. I am wondering though why the network
> manager overwrites resolv.conf if NM is off, all ifcfg files say
> nm_controlled=no, and chkconfig NetworkManager off was run.

dhcp running? That will update resolv.conf; NM not needed.

mark

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-10-2012, 02:06 PM
Dennis Jacobfeuerborn
 
Default oops, or how to bring a datacenter router down with one setting

On 02/10/2012 02:54 PM, Bob Hoffman wrote:
>
> ---------------------------------------------------------
> Dennis Jacobfeuerborn wrote
> /Fri Feb 10 06:47:22 EST 2012/
>
> On 02/10/2012 12:54 AM, Bob Hoffman wrote:
>> / so I gave up on bonding.
> />/ I found about 300 posts showing eth0 and eth1 both pointing to br0 (bridge)
> />/ as interfaces.
> />/ I followed them correctly, or so I thought.
> />/ I pointed both ethx to the bridge, restarted network and bam...!!!
> /
> Bonding and bridging are completely different things. If you want to start
> bonding then you should first start with simply bonding the two interfaces
> and only once you got that going add the bridge and then add the bond0
> device to it.
>
> Regards,
> Dennis
>
> -----------------------------------------------------------
>
> Yea, I gave up on bonding, ended up just using eth1. But every tutorial
> I found had added eth0 and eth1 as interfaces to br0, thus sharing the
> bridge so to speak.
> All the tutorials were for debian though, all the centos ones ended up
> pointing each eth to a different cridge (br0 and br1)

What are you actually trying to accomplish? You still seem to mix bonding
and bridging willy nilly as if they are somehow related. They are not.

Regards,
Dennis
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-10-2012, 02:25 PM
Bob Hoffman
 
Default oops, or how to bring a datacenter router down with one setting

/
=================================
Dennis Jacobfeuerborn wrote

/>/ Yea, I gave up on bonding, ended up just using eth1. But every tutorial
/>/ I found had added eth0 and eth1 as interfaces to br0, thus sharing the
/>/ bridge so to speak.
/>/ All the tutorials were for debian though, all the centos ones ended up
/>/ pointing each eth to a different cridge (br0 and br1)
/
What are you actually trying to accomplish? You still seem to mix bonding
and bridging willy nilly as if they are somehow related. They are not.

Regards,
Dennis
==================================

Nothing at all to do with bonding. Not at all.
eth1 to br0 , eth0 to br0....that's all.
If that is possible, I see no reason for a bond at all.
I just want to make sure if an NIC fails, the other one is still working
while I am asleep and not a care in the world.

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-10-2012, 02:41 PM
Dennis Jacobfeuerborn
 
Default oops, or how to bring a datacenter router down with one setting

On 02/10/2012 04:25 PM, Bob Hoffman wrote:
> /
> =================================
> Dennis Jacobfeuerborn wrote
>
> />/ Yea, I gave up on bonding, ended up just using eth1. But every tutorial
> />/ I found had added eth0 and eth1 as interfaces to br0, thus sharing the
> />/ bridge so to speak.
> />/ All the tutorials were for debian though, all the centos ones ended up
> />/ pointing each eth to a different cridge (br0 and br1)
> /
> What are you actually trying to accomplish? You still seem to mix bonding
> and bridging willy nilly as if they are somehow related. They are not.
>
> Regards,
> Dennis
> ==================================
>
> Nothing at all to do with bonding. Not at all.
> eth1 to br0 , eth0 to br0....that's all.
> If that is possible, I see no reason for a bond at all.
> I just want to make sure if an NIC fails, the other one is still working
> while I am asleep and not a care in the world.

Bridging doesn't do that. You need bonding for this.

Regards,
Dennis
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-10-2012, 02:53 PM
Bob Hoffman
 
Default oops, or how to bring a datacenter router down with one setting

/ =================================
/>/ Dennis Jacobfeuerborn wrote/>/
/>/ Nothing at all to do with bonding. Not at all.
/>/ eth1 to br0 , eth0 to br0....that's all.
/>/ If that is possible, I see no reason for a bond at all.
/>/ I just want to make sure if an NIC fails, the other one is still working
/>/ while I am asleep and not a care in the world.
/
Bridging doesn't do that. You need bonding for this.

Regards,
Dennis

====================================
That may be true, I am no expert at all, but I can find you literally
hundreds of how-tos out there all specifically adding two or more ethx
interfaces to the same bridge. hundreds.
So, I thought it would be safe to do.
But obviously it is dangerous or I messed up real well..lol

https://www.google.com/search?q=brctl+eth0+eth1+br0&btnG=Search&oe=utf-8&rls=org.mozilla%3Aen-US%3Aofficial&client=firefox-a&gbv=1&sei=-zs1T47wJJCd0gGctMSaAg

google search with a lot of the how-tos i was following.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-10-2012, 03:22 PM
Devin Reade
 
Default oops, or how to bring a datacenter router down with one setting

Bob,

I'd suggest you do some more reading on the purpose behind bonding
and bridging. It *sounds* like what you functionally need is
to have a server with a single route upstream, not acting as
a gateway, but where you want to be able to take a failure on
one of the upstream network connections without losing connectivity.

If that is true, then look at bonding.

Bridging is typically used if you want to have a machine, perhaps
acting as a transparent firewall join two physical network segments
as if they are one logical network. It has nothing to do with
network redundancy.

Note that bonding will only solve the redundancy problem if your
upstream switches are redundant and all the upstream connections
from there are redundant as well. (Bonding can have other purposes
as well, such as increasing throughput, but I don't think that's
relevent here.)

As an aside (and in case you run into it in your reading), multihoming
is another way to receive redundancy, but unless you are an expert
(or at least very experienced) in networking including DNS, routing,
and exterior gateway protocols, as well as having your own ASN and
directly assigned network blocks, then Don't Go There. And this
type of multihoming is typically used only on border gateways.
(Also, if you do multihoming wrong and start flapping then your
peer networks will typically blacklist you and you lose *all*
connectivity.)

Devin

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-10-2012, 08:33 PM
Devin Reade
 
Default oops, or how to bring a datacenter router down with one setting

--On Friday, February 10, 2012 01:49:05 PM -0600 Les Mikesell
<lesmikesell@gmail.com> wrote:

> I suppose it is possible for a NIC to fail, but I can't recall actually
> ever seeing it. I've seen lots of complicated failover schemes introduce
> new problems and their own failure modes [...]

+1.

Redundancy is cool. Redundancy, when needed and properly implemented,
can work and can save your bacon. However, it is expensive, time
consuming, and significantly increases both the complexity of a
system and the skill needed to analyze problems (or for that matter
predict them and plan for mitigation strategies). It also needs
to be exercised on a regular basis or, when you need it, you'll
find that someone has made a bad configuration change that prohibits
failover.

I, also, have not seen a properly tested NIC fail in quite a few years.
(I'm discounting bad NIC models that don't pass evaluation.) Of course,
just because I've not seen it doesn't mean it can't happen, but I also
don't usually worry about having a redundant SERIAL back-channel for
cluster hearbeat operations, which used to be considered as the only
reasonable way to do things.

I do have clusters where bonding is in use but those have helped not so
much in avoiding NIC failures as they do in allowing the machines
to continue operating as the network team brings down part of the
redundant switch network for maintenance (or to replace a failed switch,
or when some fool decides that they can unplug a network cable
briefly so that they can move other cables around).

Devin

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 06:54 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org