[j-nsp] [c-nsp] LACP between router VMs (James Bensley)

adamv0025 at netconsultings.com adamv0025 at netconsultings.com
Sun Nov 12 08:36:59 EST 2017


> Chris Burton
> Sent: Saturday, November 11, 2017 11:50 PM
> 
> This has been discussed a few times on this list and other forums. That being
> said, if you are looking to do this with Linux bridge you will need to modify
> the net/br_private.h header library to remove the mask restriction placed on
> using group_fwd_mask setting in /sys/class/net and recompile the kernel to
> allow it forward LACP BPDU's.
> 
My question regarding the Linux bridge was out of curiosity and to my surprise spawned a very fruitful discussion which I learned a lot from. 
So thank you everyone. 
I'm actually using OVS and the "sudo ovs-vsctl set bridge br-1 other-config:forward-bpdu=true" did the trick. 

> If you are looking to use Openvswitch you can do as Sergio mentioned and
> set the OVS bridge to allow forwarding of LACP BPDU's after you manually
> add each interface, but if you want to use the default vmx.sh script to bind
> the interfaces with OVS you will need to modify the config/vmx-
> junosdev.conf file and add in "use_ovs_transport: True" as a key, and
> depending on what version of OS you are running (I presume Ubuntu 16.04)
> you may also need to modify the sub-script that vmx.sh --bind-dev calls to
> prevent it from checking for the "openvswitch-datapath-source" package. I
> have only tested OVS 2.6 (Ubuntu cloud repo) with version 16.1 of VMX, but
> unless the sub-scripts are different for earlier or later versions it should work
> (but it is unlikely to be supported since I do not see mention of using OVS in
> any of the official Juniper documents, and they likely will not support this
> even if OVS is supported as it breaks standards, same goes for LB mod's).
> 
I'm not using any juniper scripts at all, I need complete control about all aspects of the setup and there are VMs of different vendors so I'm using custom scripts and procedures to create XMLs, define and start VMs and to interconnect them in OVS. 


> It should be understood though that you are breaking standards
> compatibility and could create massive problems on the network, so running
> this type of configuration outside of a lab environment should fall under the
> do not do it category. If you are going to do this production you should use
> physical NICs and SR-IOV with VF’s which eliminates the issue as was
> mentioned by James.
> 
As I mentioned earlier, I don't need to talk LACP to PF just LACP between VFs. 
Can you elaborate on the "breaking standards compatibility" please? 
In my setup I just need hundreds of simple p2p links (basically emulating fibres) between VMs so I need the OVS (or other bridge) not to intervene.   


adam




More information about the juniper-nsp mailing list