[SOLVED] LLDP frames between vms using linux bridge?

[sookis]

Hi!
Ive got a setup with 3 arista veos machines and im trying to get lldp working.

Everything else is working as expected, switching and routing is working 100%.

I know that the linux bridge blocks lldp messages by default (sent to the LLDP_Multicast address 01-80-C2-00-00-0E) and other control frames in the 01-80-C2-00-00-xx range.) and Ive tried the setting the 'group_fwd_mask' to 0x4000 on the bridges as suggested in multiple other forums but its not working. Can anyone point me in the right direction? Anyone got this working?

 

[Stoiko Ivanov]

I just tried this here - and the '0x4000' setting for 'group_fwd_mask' works ...
What I tried:
* `tcpdump -envi ens18 not ip and not arp and not icmp` (replace ens18 by the actual physical bridge port)
* `tcpdump -envi vmbr0 not ip and not arp and not icmp` (replace vmbr0 by the bridge you're using)
wait for an lldp frame - it's only visible on ens18
* `echo '0x4000' > /sys/class/net/vmbr0/bridge/group_fwd_mask`
wait for the next lldp frame - it's visible on both ens18 and vmbr0 (and inside a vm, hooked to vmbr0)

things I'd check
* re-verify that the group_fwd_mask got set - `cat /sys/class/net/vmbr0/bridge/group_fwd_mask)
* tcpdump on bridge-ports (tap-devices for virtual guests) - to see where the frames get dropped
* disable any and all firewalls on the involved guests/hosts/switches
* make sure that LLDP is actually configured and sending out frames

I hope this helps!

 

[sookis]

Thanks for a fast reply!
The group_fwd_mask gets reset after the node is rebooted so they were in fact the default 0x0. But i still couldn't get it to work. I saw the frames in tcpdumps like you said but the neighbor-table was still empty.

I ended up just starting from scratch with your post in mind and now it works! The only thing I did different was disabling firewall when I created the nics. (I disabled them before, but not when I created them). Most likely I did something funny with the veos config the first time.