* [pve-devel] [PATCH pve-common 0/1] network: tap_plug: fix mtu bugs
@ 2022-02-18 16:25 Alexandre Derumier
2022-02-18 16:25 ` [pve-devel] [PATCH pve-common 1/1] network: tap_plug: fix mtu Alexandre Derumier
2022-02-26 15:42 ` [pve-devel] [PATCH pve-common 0/1] network: tap_plug: fix mtu bugs DERUMIER, Alexandre
0 siblings, 2 replies; 3+ messages in thread
From: Alexandre Derumier @ 2022-02-18 16:25 UTC (permalink / raw)
To: pve-devel
a forum user have reported strange bug with ovs + mtu9000 when
switching between 2 ovs bridge with different mtu. (1500 vs 9000)
https://forum.proxmox.com/threads/ovs-problem-with-mtu-9000-on-vms-assigned-to-vmbr0.105172/
I have found 2 bugs:
1) ovsint port mtu need to be set with ""ovs-vsctl set mtu-request"
(ip link set mtu 9000 don't seem to do nothing on ovs-int port, maybe this have change with last ovs version.)
fresh start of a vm 100 + firewall on ovs with mtu 9000:
153: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 9000 qdisc pfifo_fast master fwbr100i0 state UNKNOWN group default qlen 1000
link/ether 62:42:32:cc:a2:24 brd ff:ff:ff:ff:ff:ff
154: fwbr100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 46:f6:b7:95:23:86 brd ff:ff:ff:ff:ff:ff
155: fwln100o0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr100i0 state UNKNOWN group default qlen 1000
2) when switching between 2 bridges or ovs with differents mtu, mtu are not updated on existing interfaces (veth,tap, fwbr, fwnl)
vm start : vmbr0 mtu=1500 + firewall
-----------------------------
200: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr100i0 state UNKNOWN group default qlen 1000
link/ether 62:42:32:cc:a2:24 brd ff:ff:ff:ff:ff:ff
206: fwbr100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 46:f6:b7:95:23:86 brd ff:ff:ff:ff:ff:ff
207: fwpr100p0@fwln100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
link/ether 0a:2e:f5:f4:22:e3 brd ff:ff:ff:ff:ff:ff
208: fwln100i0@fwpr100p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr100i0 state UP group default qlen 1000
link/ether 96:0e:94:11:c1:45 brd ff:ff:ff:ff:ff:ff
switch to vmbr1 mtu=9000 + firewall
--------------------------------------
200: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr100i0 state UNKNOWN group default qlen 1000
link/ether 62:42:32:cc:a2:24 brd ff:ff:ff:ff:ff:ff
209: fwbr100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 46:f6:b7:95:23:86 brd ff:ff:ff:ff:ff:ff
210: fwpr100p0@fwln100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue master vmbr3 state UP group default qlen 1000
link/ether 0a:2e:f5:f4:22:e3 brd ff:ff:ff:ff:ff:ff
211: fwln100i0@fwpr100p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue master fwbr100i0 state UP group default qlen 1000
link/ether 96:0e:94:11:c1:45 brd ff:ff:ff:ff:ff:ff
Alexandre Derumier (1):
network: tap_plug: fix mtu
src/PVE/Network.pm | 30 ++++++++++++++++++++----------
1 file changed, 20 insertions(+), 10 deletions(-)
--
2.30.2
^ permalink raw reply [flat|nested] 3+ messages in thread
* [pve-devel] [PATCH pve-common 1/1] network: tap_plug: fix mtu
2022-02-18 16:25 [pve-devel] [PATCH pve-common 0/1] network: tap_plug: fix mtu bugs Alexandre Derumier
@ 2022-02-18 16:25 ` Alexandre Derumier
2022-02-26 15:42 ` [pve-devel] [PATCH pve-common 0/1] network: tap_plug: fix mtu bugs DERUMIER, Alexandre
1 sibling, 0 replies; 3+ messages in thread
From: Alexandre Derumier @ 2022-02-18 16:25 UTC (permalink / raw)
To: pve-devel
- ovsint port mtu need to be set with ""ovs-vsctl set mtu-request"
- update mtu on already existing interfaces (fwbr,fwln,tap,veth)
if existing tap|veth interface is replugged on a different mtu bridge
---
src/PVE/Network.pm | 30 ++++++++++++++++++++----------
1 file changed, 20 insertions(+), 10 deletions(-)
diff --git a/src/PVE/Network.pm b/src/PVE/Network.pm
index d4d72d4..56ade27 100644
--- a/src/PVE/Network.pm
+++ b/src/PVE/Network.pm
@@ -211,6 +211,11 @@ sub disable_ipv6 {
my $bridge_add_interface = sub {
my ($bridge, $iface, $tag, $trunks) = @_;
+ my $bridgemtu = read_bridge_mtu($bridge);
+ eval {
+ PVE::Tools::run_command(['/sbin/ip', 'link', 'set', $iface, 'mtu', $bridgemtu]);
+ };
+
# drop link local address (it can't be used when on a bridge anyway)
disable_ipv6($iface);
iface_set_master($iface, $bridge);
@@ -251,6 +256,9 @@ my $ovs_bridge_add_port = sub {
push @$cmd, "trunks=". join(',', $trunks) if $trunks;
push @$cmd, "vlan_mode=native-untagged" if $tag && $trunks;
+ my $bridgemtu = read_bridge_mtu($bridge);
+ push @$cmd, '--', 'set', 'Interface', $iface, "mtu_request=$bridgemtu";
+
if ($internal) {
# second command
push @$cmd, '--', 'set', 'Interface', $iface, 'type=internal';
@@ -263,9 +271,12 @@ my $ovs_bridge_add_port = sub {
};
my $activate_interface = sub {
- my ($iface) = @_;
+ my ($iface, $mtu) = @_;
+
+ my $cmd = ['/sbin/ip', 'link', 'set', $iface, 'up'];
+ push (@$cmd, ('mtu', $mtu)) if $mtu;
- eval { run_command(['/sbin/ip', 'link', 'set', $iface, 'up']) };
+ eval { run_command($cmd) };
die "can't activate interface '$iface' - $@\n" if $@;
};
@@ -309,8 +320,8 @@ sub veth_create {
# up vethpair
disable_ipv6($veth);
disable_ipv6($vethpeer);
- &$activate_interface($veth);
- &$activate_interface($vethpeer);
+ &$activate_interface($veth, $bridgemtu);
+ &$activate_interface($vethpeer, $bridgemtu);
}
sub veth_delete {
@@ -328,8 +339,10 @@ my $create_firewall_bridge_linux = sub {
my ($vmid, $devid) = &$parse_tap_device_name($iface);
my ($fwbr, $vethfw, $vethfwpeer) = &$compute_fwbr_names($vmid, $devid);
+ my $bridgemtu = read_bridge_mtu($bridge);
+
&$cond_create_bridge($fwbr);
- &$activate_interface($fwbr);
+ &$activate_interface($fwbr, $bridgemtu);
copy_bridge_config($bridge, $fwbr);
veth_create($vethfw, $vethfwpeer, $bridge);
@@ -349,15 +362,12 @@ my $create_firewall_bridge_ovs = sub {
my $bridgemtu = read_bridge_mtu($bridge);
&$cond_create_bridge($fwbr);
- &$activate_interface($fwbr);
+ &$activate_interface($fwbr, $bridgemtu);
&$bridge_add_interface($fwbr, $iface);
&$ovs_bridge_add_port($bridge, $ovsintport, $tag, 1, $trunks);
- &$activate_interface($ovsintport);
-
- # set the same mtu for ovs int port
- PVE::Tools::run_command(['/sbin/ip', 'link', 'set', $ovsintport, 'mtu', $bridgemtu]);
+ &$activate_interface($ovsintport, $bridgemtu);
&$bridge_add_interface($fwbr, $ovsintport);
};
--
2.30.2
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [pve-devel] [PATCH pve-common 0/1] network: tap_plug: fix mtu bugs
2022-02-18 16:25 [pve-devel] [PATCH pve-common 0/1] network: tap_plug: fix mtu bugs Alexandre Derumier
2022-02-18 16:25 ` [pve-devel] [PATCH pve-common 1/1] network: tap_plug: fix mtu Alexandre Derumier
@ 2022-02-26 15:42 ` DERUMIER, Alexandre
1 sibling, 0 replies; 3+ messages in thread
From: DERUMIER, Alexandre @ 2022-02-26 15:42 UTC (permalink / raw)
To: pve-devel
Any comment about this patch ?
Forum user have tested it, and it's correctly fixing his mtu problem.
Le vendredi 18 février 2022 à 17:25 +0100, Alexandre Derumier a écrit :
> a forum user have reported strange bug with ovs + mtu9000 when
> switching between 2 ovs bridge with different mtu. (1500 vs 9000)
> https://antiphishing.cetsi.fr/proxy/v3?i=cWdzUmRSM0ZiRHpoUDkxTSw3-
> 90dQgKDkqmWWemZ6js&r=WXNQOUY5VXRSNUlTdlVTThI4PzxOoz24vDyX_lRDxWFQYQjk
> Hq27xgjw3hQLoamBbuCSKIqia8FUio_zgv2Z4g&f=R0pWUVNEaUFuMTBCTlptbqOdxRIa
> EmX54Uku9_K8PFys74qKNMDYadHFvaTbTNhXBQ48X7FG7vbeJb39p0LVEQ&u=https%3A
> //forum.proxmox.com/threads/ovs-problem-with-mtu-9000-on-vms-
> assigned-to-vmbr0.105172/&k=8YLU
>
> I have found 2 bugs:
>
> 1) ovsint port mtu need to be set with ""ovs-vsctl set mtu-request"
>
> (ip link set mtu 9000 don't seem to do nothing on ovs-int port, maybe
> this have change with last ovs version.)
>
>
> fresh start of a vm 100 + firewall on ovs with mtu 9000:
>
> 153: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 9000
> qdisc pfifo_fast master fwbr100i0 state UNKNOWN group default qlen
> 1000
> link/ether 62:42:32:cc:a2:24 brd ff:ff:ff:ff:ff:ff
> 154: fwbr100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> noqueue state UP group default qlen 1000
> link/ether 46:f6:b7:95:23:86 brd ff:ff:ff:ff:ff:ff
> 155: fwln100o0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> noqueue master fwbr100i0 state UNKNOWN group default qlen 1000
>
>
> 2) when switching between 2 bridges or ovs with differents mtu, mtu
> are not updated on existing interfaces (veth,tap, fwbr, fwnl)
>
>
> vm start : vmbr0 mtu=1500 + firewall
> -----------------------------
> 200: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500
> qdisc pfifo_fast master fwbr100i0 state UNKNOWN group default qlen
> 1000
> link/ether 62:42:32:cc:a2:24 brd ff:ff:ff:ff:ff:ff
> 206: fwbr100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> noqueue state UP group default qlen 1000
> link/ether 46:f6:b7:95:23:86 brd ff:ff:ff:ff:ff:ff
> 207: fwpr100p0@fwln100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500
> qdisc noqueue master vmbr0 state UP group default qlen 1000
> link/ether 0a:2e:f5:f4:22:e3 brd ff:ff:ff:ff:ff:ff
> 208: fwln100i0@fwpr100p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500
> qdisc noqueue master fwbr100i0 state UP group default qlen 1000
> link/ether 96:0e:94:11:c1:45 brd ff:ff:ff:ff:ff:ff
>
>
> switch to vmbr1 mtu=9000 + firewall
> --------------------------------------
>
> 200: tap100i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500
> qdisc pfifo_fast master fwbr100i0 state UNKNOWN group default qlen
> 1000
> link/ether 62:42:32:cc:a2:24 brd ff:ff:ff:ff:ff:ff
> 209: fwbr100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> noqueue state UP group default qlen 1000
> link/ether 46:f6:b7:95:23:86 brd ff:ff:ff:ff:ff:ff
> 210: fwpr100p0@fwln100i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000
> qdisc noqueue master vmbr3 state UP group default qlen 1000
> link/ether 0a:2e:f5:f4:22:e3 brd ff:ff:ff:ff:ff:ff
> 211: fwln100i0@fwpr100p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000
> qdisc noqueue master fwbr100i0 state UP group default qlen 1000
> link/ether 96:0e:94:11:c1:45 brd ff:ff:ff:ff:ff:ff
>
>
>
>
> Alexandre Derumier (1):
> network: tap_plug: fix mtu
>
> src/PVE/Network.pm | 30 ++++++++++++++++++++----------
> 1 file changed, 20 insertions(+), 10 deletions(-)
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-02-26 15:43 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-02-18 16:25 [pve-devel] [PATCH pve-common 0/1] network: tap_plug: fix mtu bugs Alexandre Derumier
2022-02-18 16:25 ` [pve-devel] [PATCH pve-common 1/1] network: tap_plug: fix mtu Alexandre Derumier
2022-02-26 15:42 ` [pve-devel] [PATCH pve-common 0/1] network: tap_plug: fix mtu bugs DERUMIER, Alexandre
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox