hi,
On Wed, Feb 01, 2006 at 06:42:47PM +0400, Bruno Carnazzi wrote:
> I use OpenBSD/i386 3.8 with GENERIC.MP.
trunk(4) support in OpenBSD 3.8 was quite new and there were some
bugfixes and improvements during the last development cycle. these
fixes, like trunkproto failover and multicast support for things like
pfsync or carp, will be available in OpenBSD 3.9.
> I use a trunk interface based on 2 physical devices as you can see here :
>
-//-
> trunk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> lladdr 00:02:a5:29:15:f0
> trunk: trunkproto roundrobin
> trunkport xl0
> trunkport fxp0 master
> groups: trunk egress
> media: Ethernet autoselect
> status: active
> inet 172.20.3.100 netmask 0xfffffe00 broadcast 172.20.3.255
>
-//-
> fxp0 at pci0 dev 2 function 0 "Intel 82557" rev 0x08, i82559: apic 8
> int 11 (irq 11), address 00:02:a5:29:15:f0
> inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4
-//-
> xl0 at pci0 dev 5 function 0 "3Com 3c905C 100Base-TX" rev 0x78: apic 8
> int 5 (irq 5)xl0: reset didn't complete
> , address 00:0a:5e:5a:c9:a4
> exphy0 at xl0 phy 24: 3Com internal media interface
> xl0: reset didn't complete
there's a problem with your 3com nic which is not related to trunk,
you should replace the nic ie. with a second fxp(4).
> With this configuration, I can see small network pauses (1s) when
> SSHing or downloading something through the local running squid. I
> figure the trunk works this way : packet are sent through the member
> interfaces with the trunk IP address and with the master NIC MAC@ and
> packet are received on all trunk members thanks to the promiscuous
> mode. As my NIC are plugged on the same L2 switch (for testing
> purpose, maybe I'll use 2 different switch on a production
> configuration), I suggest it bothers the switch with the same MAC@ on
> 2 ports. All error counters are null on this switch. I didn't
> configure something like etherchannel or 802.3ad on these interface.
>
trunk(4) operates on layer 2, it is (not yet) related to any IP stuff.
it uses one MAC address borrowed from the master interface (currently
the first trunkport you add). in roundrobin mode, it distributes the
outgoing packets through all attached and active interfaces and
receives packets for this MAC from any active port. as you noticed,
your switch will get confused if you don't configure a trunk group
(cizzco calls it etherchannel or port group; hp procurve calls it
trunk).
OpenBSD 3.8 only supported trunk(4) in roundrobin mode, but i added a
failover mode in 3.8-current for the next release. failover mode only
uses the first active interface (primarily the master interface) for
packet distribution and does a failover to the next active interface
if the port's state link goes down. this works with "stupid" switches
or even hubs. the switch will probably take some time to learn the mac
address on a new port but only once in case of a failover.
IEEE 802.3ad is not supported at the moment, it just works fine in
simple roundrobin or in failover mode without any dynamic link
aggregation protocols (i don't really see the point for 802.3ad at the
moment, it adds no benefit just some dynamic "plug and play" foo).
> Does trunk operate this way ? Is there a way to avoid this phenomenon ?
>
- try again with enabling a trunk group on your switch
- try again with 3.9-beta
- try again in failover mode
my development is focussed on hp procurve switches because their trunk
implementation works pretty well and i can probably play with
802.3ad/LACP later (and they use openssh in their switches ;-)).
examples:
(1) openbsd trunkproto roundrobin <-> hp trunk
HPswitch(config)# no interface c4-c5 lacp
HPswitch(config)# interface c4-c5 trk1 trunk
openbsd# ifconfig trunk0
trunk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:5a:9f:31:d6
trunk: trunkproto roundrobin
trunkport sk1
trunkport sk0 master
groups: trunk
media: Ethernet autoselect
status: active
inet6 fe80::200:5aff:fe9f:31d6%trunk0 prefixlen 64 scopeid 0x9
inet 172.23.5.70 netmask 0xffffff00 broadcast 172.23.5.255
the cizzco world is a bit more complex, ie.:
(2) openbsd trunkproto failover <-> plain cizzco 3750 switch
cizzco's 'trunk' is not related to port trunking, it's the description
for interfaces with multiple tagged and untagged vlans... don't get
confused by these terms! cizzco's trunk mode is _not_ required for
openbsd trunk(4) operation, but it's required for using tagged and
untagged 802.1q vlan(4)s on the switch ports.
cizzco3750#
interface GigabitEthernet2/0/19
description openbsdtrunkmaster
switchport trunk encapsulation dot1q
switchport trunk native vlan 300
switchport trunk allowed vlan 300-699
switchport mode trunk
spanning-tree portfast trunk
!
interface GigabitEthernet2/0/20
description openbsdtrunkfailover
switchport trunk encapsulation dot1q
switchport trunk native vlan 300
switchport trunk allowed vlan 300-699
switchport mode trunk
spanning-tree portfast trunk
!
openbsd# ifconfig trunk0
trunk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:5a:9f:31:d6
trunk: trunkproto failover
trunkport sk1
trunkport sk0 master
groups: trunk
media: Ethernet autoselect
status: active
inet6 fe80::200:5aff:fe9f:31d6%trunk0 prefixlen 64 scopeid 0x9
inet 172.23.5.70 netmask 0xffffff00 broadcast 172.23.5.255
openbsd# ifconfig vlan301
vlan301: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:5a:9f:31:d6
vlan: 300 parent interface: trunk0
groups: vlan
inet6 fe80::200:5aff:fe9f:31d6%vlan300 prefixlen 64 scopeid 0xc
(3) openbsd trunkproto roundrobin <-> cizzco 3512xl (old IOS 12.0)
cizzco3512#
interface FastEthernet0/1
port group 1
switchport access vlan 2
spanning-tree portfast
!
interface FastEthernet0/2
port group 1
switchport access vlan 2
spanning-tree portfast
!
openbsd# ifconfig trunk0
trunk0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:03:1d:01:a3:4e
trunk: trunkproto roundrobin
trunkport fxp1 active
trunkport fxp0 master,active
groups: trunk
media: Ethernet autoselect
status: active
inet 172.23.6.252 netmask 0xffffff00 broadcast 172.23.6.255
inet6 fe80::203:1dff:fe01:a34e%trunk0 prefixlen 64 scopeid 0x9
easy stuff!
i didn't test any other vendors. switch donations are welcome! ;)
i'll eventually add some new trunkprotos after the lock (like MAC
SA/DA, IP SA/DA, IP port) for load balancing issues. and probably
802.3ad/LACP in the far future... nevertheless, trunk(4) support in
OpenBSD 3.9 will work very well especially as a layer 2 addition for
failover scenarios with CARP+pfsync.
reyk
--
/* .vantronix|secure systems - (research & development)
* reyk floeter - friendly known free software engineer
* [EMAIL PROTECTED] - http://team.vantronix.net/reyk/
*/
