[pve-devel] [PATCH] multicast snooping bridge fixes

Alexandre DERUMIER aderumier at odiso.com
Fri Jun 21 08:55:36 CEST 2013


>>But cisco switches should work if I disable multicast_snooping on all nodes? 
Yes,no problem. (I'm running like this in production for now).

multicast_snooping enable on linux bridge do 2 thing:

- send igmp packets
- if they receive igmp packets,learning multicast group and filtering multicast traffic for the bridge.

Any bridge or physical switchs, shouldn't snoop/filtering the multicast if they don't receive igmp packets. 
(Basicly they forward all multicast traffic to all ports by default).


In production, I have multicast_snooping enabled on my cisco switchs, and my cisco switchs send igmp queries.


But it's better too to have multicast snooping enabled on linux bridge, to avoid to forward multicast traffic to all vms plugged on the bridge.

I think the 2 patchs already fixe multicast_snooping bugs. (I have see random wrong snooping of guests multicast traffic).





The last patch add the possibility to use bridge ip address as igmp quierer.

I don't known if we can use this by default.

We can have only 1 igmp querier on the network/vlan, they are an election, and the rfc said that the lowest ip should win.
Now, I don't known what is a lowest ip, if you have different network subnet for your physical switchs and linux bridge ip.

ex: my switch are 10.3.0.40/24  , my kvm bridge : 10.9.0.24/24.  what is the lowest ip ?

The patch commiter said that simply, that the first enabled igmp querier on the network keep sending the packets.
(basicaly,if another igmp querier see incoming igmp queries, it stop to send igmp queries).

I'll try the last patch on my test network, to see how it's work exactly.







----- Mail original ----- 

De: "Dietmar Maurer" <dietmar at proxmox.com> 
À: "Alexandre DERUMIER" <aderumier at odiso.com> 
Cc: pve-devel at pve.proxmox.com 
Envoyé: Jeudi 20 Juin 2013 16:31:29 
Objet: RE: [pve-devel] [PATCH] multicast snooping bridge fixes 

But cisco switches should work if I disable multicast_snooping on all nodes? 

> >>So does this work with cisco switches now? Or what settings do we need 
> >>to get reliable multicast with cisco switches (disable multicast_snooping on all 
> nodes?)? 
> 
> Not yet, I need to backport the first patch of the series, to allow sending igmp 
> with bridge ip and not 0.0.0.0. 
> (The patch add a new sys flag to enable this, I don't known if we should force to 
> use bridge ip by default for all users) 
> 
> 
> But this fix some bugs in multicast snooping inside the linux bridge, and it already 
> resolve for me some multicast problems inside my guests. 



More information about the pve-devel mailing list