Hide Forgot
Description of problem: Having a bond interface in 6 mode makes the server be unaccessible being in different vlans. Being the server in vlan A, when trying to: - access from another machine in the same vlan-> no problem access granted. - access from another machine in a different vlan (some of them) -> no access at all. Switching problems are discarded as the switch routes the different vlans so that the vlan tag should be the same. Server is updated. Version-Release number of selected component (if applicable): RHEL 6.0 (Santiago) - 2.6.32-71.el6.x86_64) it is installed in a HP Proliant DL360 G7 with 2 Xeon processors (E5640). How reproducible: always Steps to Reproduce: 0. disable NetworkManager and enable network service 1. after installation modify modprobe.d/bonding.conf alias bond0 bonding options bond0 mode=balance-alb miimon=100 2. create a file /etc/sysconfig/network-scripts/ifcfg-bond0 DEVICE=bond0 IPADDR=ip_from_the_server NETMASk=255.255.255.0 BROADCAST=bcast ONBOOT=yes GATEWAY=mygw DNS1=dns1 DNS1=dns2 Modify the ethernet cards so that they look like this: /etc/sysconfig/network-scripts/ifcfg-eth* DEVICE="eth1" HWADDR="68:B5:99:CD:F2:7A" #NM_CONTROLLED="yes" ONBOOT=yes SLAVE=yes MASTER=bond0 3. reboot network Actual results: Lose access to the server when bond is up trying to connect from a different vlan Expected results: Do not lose access being anywhere. Additional info:
Since RHEL 6.1 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.
Is this vlan configured on the switch, or vlan configured on the network interface?
On the switch, there's nothing configured on the network interface (apart from the ip, netmask, etc)
OK, moving to the kernel; I'm not sure there's anything in the initscripts setup to do here.
If you want me to do any test or provide more info just let me know.
This sounds like its working as designed. If you configure the switch to put the ports that the server is connected to in a given vlan A, it, those switch ports won't forward traffic from other vlans. I'm not sure what exactly you mean when you say "the switch routes the vlans so that the tag is the same". Do you mean to say that other vlans pass traffic through a router that forwards the frame to vlan A at the ip layer? What would probably be best would be if you could take a tcpdump on the physical interfaces that were connected to the switch to illustrate the problem. It would be good to see traffic from a host on a different vlan arriving at the system in question. That would give us a better idea as to why the frames were getting discarded. Note the dump should be on all the physical interfaces, not the bond, so that we can see all the frames on the wire. also, does this occur without the bond in place?
Since RHEL 6.2 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.
ping, any feedback on comment 7?
Ok, no response in a month. Closing due to no info
It's been months since I opened the case, sorry, your e-mail got lost in the inbox ;( Hope is still useful to provide information: The information goes like this, I hope I can be more informative this time: - the machine is connected to a switch (3com) with a 4 wire bond. - this switch is connected to another one (procurve) that has all the vlan configuration and does the routing. When a packet arrives in the switch comeing from another vlan, it changes the tag and moves it to the machines tag. Now, what I saw is that: - if the machine has the bond configured, the other clients comming from other vlans does not see it - if I unset the bond and configure just one nic with the same ip of the bond, then everything is fine. The machine is now in production, so the tests are limited. Hope I made myself clear. Thanks and sorry for answer that late. j