<div dir="ltr">While this is a very neat way to load balance vlan traffic, it could be dangerous.<div><br></div><div>You are effectively allowing users to create a loop. Unless they have their switches and spanning tree configured correctly upstream of the host, they could create a large broadcast storm on their network, likely knocking out other hosts and switches control planes.</div>
<div><br></div><div>It is the same as looping a cable between two ports on a switch that does not have edge-safeguard functionality.</div><div><br></div><div>Just my 2c.</div><div><br></div><div><br></div></div><div class="gmail_extra">
<br><br><div class="gmail_quote">On Wed, Feb 12, 2014 at 6:28 PM, Pablo Ruiz <span dir="ltr"><<a href="mailto:pablo.ruiz@gmail.com" target="_blank">pablo.ruiz@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hi,<div><br></div><div>In our proxmox cluster, each node has two bond interfaces, and each bond interface connects to and independent switch. This allows us to enable MSTP/PVSTP+ and thus load share traffic on different vlans across switches.</div>
<div><br></div><div> +==========+</div><div> | SWITCH-A |---,</div><div> +==========+ |</div><div> +=======+ | |</div>
<div> | |-----(bond1)--´ |</div><div>-----| Node-X | (trunk)</div><div> | |-----(bond2)--, |</div><div> +=======+ | |</div>
<div><div> +==========+ |</div><div> | SWITCH-B |---´</div><div> +==========+</div></div><div><br></div><div>In this setup, we have a couple of vlans (iSCSI-A & iSCSI-B) each which has been priorized (by means of MSTP/PVST) on each switch. Also, proxmox's internal (software) bridges have STP disabled (so they do not conflict with MSTP's traffic). With this setup we are able to achieve full-redundant network interconnects, while at the same time using both links/bonds for iSCSI traffic (with multipath+round-robin).</div>
<div><br></div><div>However, proxmox's current code doesnt allow bridges with more than one physical interface, something we had to apply an small enhacement to proxmox in order to setup our cluster as stated.</div><div>
<br></div><div>We would like to have this enhacement merged into proxmox, and so I've read about proxmox development policies, etc. And as stated here is the link containing a diff format patch: <a href="https://github.com/pruiz/pve-common/commit/ce0173a1079e4fc8bb08d9eebd1df71f0f8dc3fe.diff" target="_blank">https://github.com/pruiz/pve-common/commit/ce0173a1079e4fc8bb08d9eebd1df71f0f8dc3fe.diff</a> aswell as the prettified diff from github: <a href="https://github.com/pruiz/pve-common/commit/ce0173a1079e4fc8bb08d9eebd1df71f0f8dc3fe" target="_blank">https://github.com/pruiz/pve-common/commit/ce0173a1079e4fc8bb08d9eebd1df71f0f8dc3fe</a></div>
<div><br></div><div>This code has been in production for little more than a month with no issues. But, please let me know what maybe missing and/or what amendments needs to be done in order for this patch to be accepted into proxmox.</div>
<div><br></div><div>Best regards,</div><div>Pablo</div><div><br></div><div>PD: I'll be sending the signed contribution aggrement by tomorrow, as soon as I get to my office. As I hope to send another contribution regarding ZFS plugin next.</div>
</div>
<br>_______________________________________________<br>
pve-devel mailing list<br>
<a href="mailto:pve-devel@pve.proxmox.com">pve-devel@pve.proxmox.com</a><br>
<a href="http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel" target="_blank">http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel</a><br>
<br></blockquote></div><br></div>