I am facing an issue where I have an LXC, a switch in the following configuration:
LXC container(ubuntu) <---> bridge (vmbr2) <----> physical switch port (SRIOV VF)
Whatever traffic I send from the LXC is not forwarded to the switch, I ran TCPDUMP on the host bridge vmbr2 and the ARP was received by it is not sent to the physical port.
~# tcpdump -i vmbr2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on vmbr2, link-type EN10MB (Ethernet), snapshot length 262144 bytes
10:16:53.887424 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:16:54.895214 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:16:55.919213 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:16:56.947244 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:16:57.967203 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:16:58.995200 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:17:00.019263 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
^C
7 packets captured
7 packets received by filter
0 packets dropped by kernel
------------------------------------------------------------------------------------------------
But this is not received by the switch port. If I ping the switch from the host it works, I receive the packets.
------------------------------------------------------------------------------------------------
ot@e:~# brctl showstp vmbr2
vmbr2
bridge id 8000.fe81614a7e59
designated root 8000.fe81614a7e59
root port 0 path cost 0
max age 20.00 bridge max age 20.00
hello time 2.00 bridge hello time 2.00
forward delay 0.00 bridge forward delay 0.00
ageing time 0.00
hello timer 0.00 tcn timer 0.00
topology change timer 0.00 gc timer 0.00
flags
enp6s0f1v1 (3)
port id 0403 state forwarding
designated root 8000.fe81614a7e59 path cost 2
designated bridge 8000.fe81614a7e59 message age timer 0.00
designated port 0403 forward delay timer 0.00
designated cost 0 hold timer 0.00
flags
fwpr304p0 (2)
port id 8002 state forwarding
designated root 8000.fe81614a7e59 path cost 2
designated bridge 8000.fe81614a7e59 message age timer 0.00
designated port 8002 forward delay timer 0.00
designated cost 0 hold timer 0.00
flags
-------------------------------------------------------------------------------------------------
the bridge configuration in the network file is as follows:
auto vmbr2
iface vmbr2 inet manual
bridge-ports enp6s0f1v1
bridge-stp off
bridge-fd 0
----------------------------------------------------------------------------------
The LXC container config:
# cat /etc/pve/nodes/marseille/lxc/304.conf
arch: amd64
cores: 2
features: nesting=1
hostname: CG-client-304
memory: 2048
net0: name=eth1,bridge=vmbr2,firewall=1,hwaddr=A2:A0:8E:05:57:7C,type=veth
ostype: ubuntu
rootfs: VM-DATA-NO-REP:vm-304-disk-0,size=20G
swap: 0
unprivileged: 1
---------------------------------------------------------------------
Thank you any insight into the problem.
LXC container(ubuntu) <---> bridge (vmbr2) <----> physical switch port (SRIOV VF)
Whatever traffic I send from the LXC is not forwarded to the switch, I ran TCPDUMP on the host bridge vmbr2 and the ARP was received by it is not sent to the physical port.
~# tcpdump -i vmbr2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on vmbr2, link-type EN10MB (Ethernet), snapshot length 262144 bytes
10:16:53.887424 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:16:54.895214 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:16:55.919213 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:16:56.947244 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:16:57.967203 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:16:58.995200 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
10:17:00.019263 ARP, Request who-has 99-9-9-34.lightspeed.dllstx.sbcglobal.net tell 99-9-9-9.lightspeed.dllstx.sbcglobal.net, length 28
^C
7 packets captured
7 packets received by filter
0 packets dropped by kernel
------------------------------------------------------------------------------------------------
But this is not received by the switch port. If I ping the switch from the host it works, I receive the packets.
------------------------------------------------------------------------------------------------
ot@e:~# brctl showstp vmbr2
vmbr2
bridge id 8000.fe81614a7e59
designated root 8000.fe81614a7e59
root port 0 path cost 0
max age 20.00 bridge max age 20.00
hello time 2.00 bridge hello time 2.00
forward delay 0.00 bridge forward delay 0.00
ageing time 0.00
hello timer 0.00 tcn timer 0.00
topology change timer 0.00 gc timer 0.00
flags
enp6s0f1v1 (3)
port id 0403 state forwarding
designated root 8000.fe81614a7e59 path cost 2
designated bridge 8000.fe81614a7e59 message age timer 0.00
designated port 0403 forward delay timer 0.00
designated cost 0 hold timer 0.00
flags
fwpr304p0 (2)
port id 8002 state forwarding
designated root 8000.fe81614a7e59 path cost 2
designated bridge 8000.fe81614a7e59 message age timer 0.00
designated port 8002 forward delay timer 0.00
designated cost 0 hold timer 0.00
flags
-------------------------------------------------------------------------------------------------
the bridge configuration in the network file is as follows:
auto vmbr2
iface vmbr2 inet manual
bridge-ports enp6s0f1v1
bridge-stp off
bridge-fd 0
----------------------------------------------------------------------------------
The LXC container config:
# cat /etc/pve/nodes/marseille/lxc/304.conf
arch: amd64
cores: 2
features: nesting=1
hostname: CG-client-304
memory: 2048
net0: name=eth1,bridge=vmbr2,firewall=1,hwaddr=A2:A0:8E:05:57:7C,type=veth
ostype: ubuntu
rootfs: VM-DATA-NO-REP:vm-304-disk-0,size=20G
swap: 0
unprivileged: 1
---------------------------------------------------------------------
Thank you any insight into the problem.