[pve-devel] PATCH: Add support for bridges with more than one physical link.

Pablo Ruiz pablo.ruiz at gmail.com
Wed Feb 12 09:55:49 CET 2014 

That's what MSTP/PVSTP+ is supposed to avoid. (And infact, it does so in
our environment).. however, it requires switches with such capability.


On Wed, Feb 12, 2014 at 9:53 AM, Andrew Thrift <andrew at networklabs.co.nz>wrote:

> While this is a very neat way to load balance vlan traffic, it could be
> dangerous.
>
> You are effectively allowing users to create a loop. Unless they have
> their switches and spanning tree configured correctly upstream of the host,
> they could create a large broadcast storm on their network, likely knocking
> out other hosts and switches control planes.
>
> It is the same as looping a cable between two ports on a switch that does
> not have edge-safeguard functionality.
>
> Just my 2c.
>
>
>
>
> On Wed, Feb 12, 2014 at 6:28 PM, Pablo Ruiz <pablo.ruiz at gmail.com> wrote:
>
>> Hi,
>>
>> In our proxmox cluster, each node has two bond interfaces, and each bond
>> interface connects to and independent switch. This allows us to enable
>> MSTP/PVSTP+ and thus load share traffic on different vlans across switches.
>>
>>                                   +==========+
>>                                    |  SWITCH-A  |---,
>>                                   +==========+   |
>>       +=======+                   |                 |
>>       |               |-----(bond1)--´                 |
>> -----|  Node-X  |                                  (trunk)
>>       |               |-----(bond2)--,                 |
>>       +=======+                   |                 |
>>                                   +==========+   |
>>                                    |  SWITCH-B  |---´
>>                                   +==========+
>>
>> In this setup, we have a couple of vlans (iSCSI-A & iSCSI-B) each which
>> has been priorized (by means of MSTP/PVST) on each switch. Also, proxmox's
>> internal (software) bridges have STP disabled (so they do not conflict with
>> MSTP's traffic). With this setup we are able to achieve full-redundant
>> network interconnects, while at the same time using both links/bonds for
>> iSCSI traffic (with multipath+round-robin).
>>
>> However, proxmox's current code doesnt allow bridges with more than one
>> physical interface, something we had to apply an small enhacement to
>> proxmox in order to setup our cluster as stated.
>>
>> We would like to have this enhacement merged into proxmox, and so I've
>> read about proxmox development policies, etc. And as stated here is the
>> link containing a diff format patch:
>> https://github.com/pruiz/pve-common/commit/ce0173a1079e4fc8bb08d9eebd1df71f0f8dc3fe.diff aswell
>> as the prettified diff from github:
>> https://github.com/pruiz/pve-common/commit/ce0173a1079e4fc8bb08d9eebd1df71f0f8dc3fe
>>
>> This code has been in production for little more than a month with no
>> issues. But, please let me know what maybe missing and/or what amendments
>> needs to be done in order for this patch to be accepted into proxmox.
>>
>> Best regards,
>> Pablo
>>
>> PD: I'll be sending the signed contribution aggrement by tomorrow, as
>> soon as I get to my office. As I hope to send another contribution
>> regarding ZFS plugin next.
>>
>> _______________________________________________
>> pve-devel mailing list
>> pve-devel at pve.proxmox.com
>> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.proxmox.com/pipermail/pve-devel/attachments/20140212/fcd90370/attachment.htm>

More information about the pve-devel mailing list