Warning: OpenSuSE 11.3 and onwards: VLAN together with bridge disables Spanning Tree (STP)

Hello,
I try to find a solution for the following problem:

I have a Linux-box with two network cards, let’s say eth0 and eth1. I want to bridge them together using the brctl command.

Configuration 1 (working):
eth0 is connected to my backbone switch (CISCO 3750) which runs the spanning protocol for let’s say vlan 600 and has the priority of 4696 (CISCO always adds the vlan-id to the basic priority i.e. here 4096) for that specific vlan. The switch is configured for this interface in access mode to vlan 600.
eth1 is connected to my test workstation.

Commands on Linux-box:
ifconfig eth0 up
ifconfig eth1 up
brctl addbr br600
ifconfig br600 up
brctl stp br600 on
brctl setbridgeprio br600 32768
brctl addif br600 eth0
brctl addif br600 eth1

At first, eth0 and eth1 jump into learning state and after 60 seconds in forwarding state. Now I have access from my test workstation to the hosts on vlan 600 behind my backbone switch.

The output of “brctl showstp br600” shows, that everything is working fine:

br600
bridge id 8000.0800062815f6
designated root 01f4.000bfd4d0800 (OK!That’s the id of my backbone switch)
root port 1 path cost 100
max age 4.00 bridge max age 4.00
hello time 1.00 bridge hello time 1.00
forward delay 4.00 bridge forward delay 4.00
ageing time 300.00 gc interval 4.00
hello timer 0.84 tcn timer 0.00
topology change timer 0.00 gc timer 1.84
flags

eth0 (1)
port id 8001 state forwarding
designated root 01f4.000bfd4d0800(OK!) path cost 100
designated bridge 01f4.000bfd4d0800(OK!) message age timer 0.00
designated port 8001 forward delay timer 0.00
designated cost 0 hold timer 0.84
flags

eth1 (2)
port id 8002 state forwarding
designated root 01f4.000bfd4d0800(OK!) path cost 100
designated bridge 01f4.000bfd4d0800(OK!) message age timer 0.00
designated port 8002 forward delay timer 0.00
designated cost 0 hold timer 0.84
flags

That’s the way it should be …

Now configuration 2 (NOT WORKING):
eth0 is again connected to my backbone switch which still runs the spanning protocol for vlan 600 and still has the priority of 4696. The switch is configured for this interface in trunk mode with 801.q encapsulation enabled. Vlan 600 is the only vlan permitted on that trunk.
eth1 remains connected to my test workstation.

We are connected to a trunk, therefore we need at first vconfig:
ifconfig eth0 up
vconfig add eth0 600
ifconfig eth0.600 up

And now the rest:
ifconfig eth1 up
brctl addbr br600
ifconfig br600 up
brctl stp br600 on
brctl setbridgeprio br600 32768
brctl addif br600 eth0.600
brctl addif br600 eth1

What happens now? Again, eth0.600 and eth1 jump into learning state and after 60 seconds in forwarding state and again I have access from my test workstation to the hosts on vlan 600 behind my backbone switch.

But the output of “brctl showstp br600” shows, that only parts are working fine:

br600
bridge id 8000.0800062815f6
designated root 8000.0800062815f6 (ERROR!!!My backbone switch with the id 01f4.000bfd4d0800 is completely ignored)
root port 0 path cost 100 (ERROR!!!Root port=0, therefore no other switches are detected)
max age 4.00 bridge max age 4.00
hello time 1.00 bridge hello time 1.00
forward delay 4.00 bridge forward delay 4.00
ageing time 300.00 gc interval 4.00
hello timer 0.84 tcn timer 0.00
topology change timer 0.00 gc timer 1.84
flags

eth0.600 (1)
port id 8001 state forwarding
designated root 8000.0800062815f6 (ERROR!) path cost 100
designated bridge 8000.0800062815f6 (ERROR!) message age timer 0.00
designated port 8001 forward delay timer 0.00
designated cost 0 hold timer 0.84
flags

eth1 (2)
port id 8002 state forwarding
designated root 8000.0800062815f6 (ERROR!) path cost 100
designated bridge 8000.0800062815f6 (ERROR!) message age timer 0.00
designated port 8002 forward delay timer 0.00
designated cost 0 hold timer 0.84
flags

All that means, that the interface eth0.600 (vlan interface connected to the trunk) port is working. Bridge forwarding is running. But spanning tree is NOT WORKING AT ALL!!!
To make it drastically clear (and I’ve tried it!!!):
If you connect eth1 to a switch (of course with spanning tree for vlan 600 enabled) and from that one back to the backbone switch, you create a nice network loop with extensive network load, resulting into an overloaded, unusable network!!!
I’ve experienced a second effect: In a different configuration, I tried to use “ip route” to route IP-traffic via vlan 600. That doesn’t work either!

What I’ve checked:

  • All configurations had been properly working in SuSE 11.0
  • I’ve tried the new SuSE 12.1 along with 11.3. Same mess!
  • ebtables is inactive, not even installed!
  • I’ve recompiled the kernel to kick out GARP, because in the kernel, there was suddenly GARP active. Has anyone an idea what this was(is) for?
  • I’ve tried different NIC’s
  • I’ve tried different switches

Ok, that’s the end of my wisdom. If anyone has an idea, please let me know; Help is deeply appreciated.
My personal “only way out” is to find the 11.0DVD and go back to SuSE 11.0 :-((.

Thanks a lot in advance!
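
A check for the symptom visible in the two “brctl showstp br600” outputs above, as an added example that is not part of the original post: it parses the output and reports when the bridge has elected itself root while its ports are forwarding. The function names and the abbreviated sample text are constructed here from the post's output.

```python
import re

BRIDGE_ID = r"[0-9a-f]{4}\.[0-9a-f]{12}"
FIELDS = (("bridge_id", rf"^\s*bridge id\s+({BRIDGE_ID})"),
          ("root", rf"^\s*designated root\s+({BRIDGE_ID})"),
          ("root_port", r"^\s*root port\s+(\d+)"),
          ("state", r"\bstate\s+(\w+)"))

# Constructed samples, abbreviated from the two outputs quoted in the post.
WORKING = """br600
bridge id 8000.0800062815f6
designated root 01f4.000bfd4d0800
root port 1 path cost 100
"""
BROKEN = """br600
bridge id 8000.0800062815f6
designated root 8000.0800062815f6
root port 0 path cost 100
eth0.600 (1)
port id 8001 state forwarding
eth1 (2)
port id 8002 state forwarding
"""

def parse_showstp(text):
    """Split `brctl showstp` text into bridge-level fields and per-port fields."""
    bridge, ports, current = {}, {}, None
    for line in text.splitlines():
        header = re.match(r"(\S+) \(\d+\)\s*$", line)  # port header, e.g. "eth0.600 (1)"
        if header:
            current = ports.setdefault(header.group(1), {})
            continue
        target = bridge if current is None else current
        for key, pattern in FIELDS:
            m = re.search(pattern, line)
            if m:
                target[key] = m.group(1)
    return bridge, ports

def stp_findings(text, expected_root=None):
    """Report a wrong root and a self-elected root with forwarding ports (loop risk)."""
    bridge, ports = parse_showstp(text)
    findings = []
    if expected_root and bridge.get("root") != expected_root:
        findings.append(f"root is {bridge.get('root')}, expected {expected_root}")
    if bridge.get("root") == bridge.get("bridge_id") and bridge.get("root_port") == "0":
        fwd = sorted(p for p, f in ports.items() if f.get("state") == "forwarding")
        findings.append("bridge elected itself root; forwarding ports: " + ", ".join(fwd))
    return findings
```

Feeding it the live output of “brctl showstp br600” together with the backbone switch's bridge id gives an empty list for configuration 1 and two findings for configuration 2.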

On 01/20/2012 05:06 PM, CHARLY CTS wrote:
> My personal “only way out” is to find the 11.0DVD and go back to SuSE
> 11.0

when you say “SuSE 11.0” I wonder if that is SUSE Linux Enterprise
Server version 11


DD
openSUSE®, the “German Engineered Automobiles” of operating systems!

Can you please try to make in the future your posted computer output more readable by putting such between CODE tags: http://forums.opensuse.org/english/information-new-users/advanced-how-faq-read-only/451526-posting-code-tags-guide.html