[pve-devel] Port BR_GROUPFWD_RESTRICTED patch for Layer 1-esque Linux Bridge forwarding

Jesus Llorente jesus.llorente at gmail.com
Fri Aug 24 09:00:52 CEST 2018


Hello,

I am working on a scenario that uses virtual machines to run a switch
appliance. The aim of my test is not performance, but to test different
configurations and network models. However, I have stumbled upon something
that depends on the kernel which is making Linux bridges consume link local
multicast packets (LLDP, LACP, etc) in compliance with 802.3ad

In this patch
https://lists.linuxfoundation.org/pipermail/bridge/2015-January/009291.html
they removed a hard-coded restriction so that the behavior of the bridge
can be then controlled from the OS with the variable
/sys/class/net/$brname/bridge/group_fwd_mask

In this post, the author explains the different values this variable can
take, according to what we are trying to allow/restrict.
https://interestingtraffic.nl/2017/11/21/an-oddly-specific-post-about-group_fwd_mask

I would like to suggest porting this patch to the pve kernel to remove all
the restrictions and enable full transparent bridging (point-to-point like
links) across devices, in a Layer 1 fashion.

PS: Thank you for your amazing work!!



More information about the pve-devel mailing list