[Bridge] MAC intermittently being learnt on wrong port

Robert LeBlanc robert at leblancnet.us
Mon Jan 11 09:16:15 PST 2010


On Thu, Jan 7, 2010 at 8:25 PM, Ryan King <ryank at staff.globaldial.com>wrote:

>  Hi,
>
>
>
> I am seeing a strange issue with a fairly simple bridge I have setup (for
> openvpn in bridge mode).
>
>
>
> eth0 ---  [ openvpn machine  (tap0) ] --- eth1
>
>
>
> The bridge is between tap0 and eth1 on a debian machine running on ESX 4.
> (tap0 being the openvpn tunnel interface).  Intermittently, I see openvpn
> client MAC addresses on port 2 (eth1).  When this happens, their vpn link
> stops working, since arp replies are being sent back via the wrong
> interface.  But after a random amount of time, it will change back to port 1
> (tap0) and start working again.  Sometimes this is quick, sometimes it
> doesn't happen for hours.
>
>
>
> Anyone else had these issues?  I've searched the archives, and come across
> several people who seem to have had similar problems - but haven't found one
> that has a solution yet.
>
>
>
> I'd appreciate any suggestions on where I should start looking to find out
> why/how these MAC's are being learnt on the wrong interface...
>
>
>
>
>
> brctl show br0:
>
>
>
> bridge name      bridge id                              STP enabled
> interfaces
>
> br0                         8000.005056b804c2
> no                           eth1
>
>
> tap0
>
>
>
>
>
> brctl showstp br0:
>
>
>
> br0
>
>  bridge id                             8000.005056b804c2
>
>  designated root              8000.005056b804c2
>
>  root port
> 0                                           path
> cost                                0
>
>  max age
> 20.00                                   bridge max age
> 20.00
>
>  hello time
> 2.00                                     bridge hello time
> 2.00
>
>  forward delay                     5.00
> bridge forward delay        5.00
>
>  ageing time                       300.01
>
>  hello timer
> 1.19                                     tcn
> timer                                0.00
>
>  topology change timer    0.00                                     gc
> timer                                  2.19
>
>  flags
>
>
>
>
>
> eth1 (2)
>
>  port id                 8002
> state                           forwarding
>
>  designated root              8000.005056b804c2         path
> cost                             100
>
>  designated bridge          8000.005056b804c2         message age
> timer            0.00
>
>  designated port              8002
> forward delay timer          0.00
>
>  designated cost
> 0                                           hold
> timer                             0.19
>
>  flags
>
>
>
> tap0 (1)
>
>  port id                 8001
> state                           forwarding
>
>  designated root              8000.005056b804c2         path
> cost                             100
>
>  designated bridge          8000.005056b804c2         message age
> timer            0.00
>
>  designated port              8001
> forward delay timer          0.00
>
>  designated cost
> 0                                           hold
> timer                             0.19
>
>  flags
>
>
>
>
>
> eg:
>
> brctl showmacs br0:
>
>
>
> port no mac addr                             is local?
> ageing timer
>
>   2            00:50:56:b8:04:c2             yes
> 0.00
>
>   1            00:ff:46:97:7f:d5               yes
>    0.00
>
>   2            7a:6e:9f:28:12:79              no
>    0.56
>
>
>
> 7a:6e:9f:28:12:79 -- the openvpn client
>
> 00:ff:....   -- tap0
>
> 00:50:56...   -- eth1
>
>
>
>
>
>
>
>
>
>
>
> Thanks,
>
>
>
> Ryan
>
I too am seeing this problem, I've tested with Lenny and Squeeze on ESX 4
and still see the same problem. I am anxiously awaiting some help on how to
troubleshoot the problem. This is a big hang up for me. I don't know if the
virtual switch is sending out multiple replies or what, I'm going to set
this up on some physical hardware and compare. I don't know what else to do.

Thanks,

Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.linux-foundation.org/pipermail/bridge/attachments/20100111/adf9fb34/attachment.htm 


More information about the Bridge mailing list