Bug 2128216

Summary: [RFE] add "balance-slb" bonding mode (multi chassis link aggregation (MLAG)
Product: Red Hat Enterprise Linux 9 Reporter: Thomas Haller <thaller>
Component: NetworkManagerAssignee: Thomas Haller <thaller>
Status: CLOSED ERRATA QA Contact: Matej Berezny <mberezny>
Severity: unspecified Docs Contact: Mayur Patil <maypatil>
Priority: unspecified    
Version: 9.1CC: bgalvani, lrintel, mberezny, rkhan, sfaye, sukulkar, till, vbenes
Target Milestone: rcKeywords: FutureFeature, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: NetworkManager-1.41.3-1.el9 Doc Type: Enhancement
Doc Text:
.The `balance-slb` bonding mode is now supported The new `balance-slb` bonding mode Source load balancing requires no switch configuration. The `balance-slb` divides traffic on the source ethernet address using `xmit_hash_policy`=`vlan+srcmac`, and NetworkManager adds necessary `nftables` rules for traffic filtering. As a result, you can now create bond profiles with the `balance-slb` option enabled by using NetworkManager.
 Story Points: ---
Clone Of:
: 2130240 2134429 (view as bug list) Environment:
Last Closed: 2023-05-09 08:17:33 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2130240, 2134429    
Attachments:
Description Flags
Patch for backporting bond.balance-slb feature to rhel-8.6 none

Description Thomas Haller 2022-09-20 08:58:01 UTC 
Trying to solve bug 1724795.

See also: [1] https://docs.google.com/document/d/138Y1NC7ILDTTj7WkAW77ZV_Z-lxwhApNGJIZZ4OX4yE/edit



OVS supports a bonding mode "balance-slb" ([2]).

[2] http://docs.openvswitch.org/en/latest/topics/bonding/#slb-bondin

This should be supported by kernel's bonding driver.
First, there is a new kernel xmit_hash_policy="vlan+srcmac".
That works with various bonding modes (LACP) that require switch configuration.

The goal is to have that working without switch configuration and `mode=balance-xor`.


Native support for this was rejected by kernel upstream 
https://lore.kernel.org/netdev/?q=add+mac+filter+option+for+balance-xor
but NACK'ed because the filtering can be done with EBPF or NFT.


There is a script to do NFT based filtering (via a NetworkManager-dispatcher script) here ([3]). However, NetworkManager-disatcher does not have the right events (carrier change) for this. Extending NetworkManager-dispatcher might be possible and useful in its own, however, such an "integration" would still be pretty bad.

[3] https://gitlab.com/egarver/virtual-networking

Instead, add native support for this to NetworkManager. Basically, NetworkManager needs to configure some NFT rules when ports to the bond get attached.
Comment 3 Thomas Haller 2022-09-28 19:18:39 UTC 
branch on review: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1385
Comment 4 Thomas Haller 2022-10-04 10:40:09 UTC 
merged upstream: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/6ef929d19fb7622b4430ecb2434b1562221c65ae
Comment 9 Thomas Haller 2023-04-24 12:55:47 UTC 
Created attachment 1959533 [details]
Patch for backporting bond.balance-slb feature to rhel-8.6

Btw, there are some WIP upstream patches for backporting the NetworkManager feature to RHEL8, see

 - th/mlag-bonding-slb-1.36
 - th/mlag-bonding-slb-1.38
 - th/mlag-bonding-slb-1.40

See for example https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commits/th/mlag-bonding-slb-1.36

Attached are those patches for rhel-8.6 dist-git (applies on top of commit 64553aa796c0fbc913704bb243418c490bca81d3).
Comment 11 errata-xmlrpc 2023-05-09 08:17:33 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (NetworkManager bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:2485