bonding with two switches

Prev: How long before alternate gateways and DNS servers kick in?
Next: Inner workings of libpcap

From: Andreas Moroder on 25 Mar 2010 09:26

---

Hello,

is it possible to activate bonding with the two NICs of a server
connected to two different switches ?

Are there special protocols the switch must support to let me do this ?

Is there documentation on how to do this with Enterasys switches ?

Thank you very much
Andreas

From: pk on 25 Mar 2010 09:39

---

Andreas Moroder <andreas.moroder@[nospam]sb-brixen.it> wrote:

> Hello,
>
> is it possible to activate bonding with the two NICs of a server
> connected to two different switches ?
>
> Are there special protocols the switch must support to let me do this ?
>
> Is there documentation on how to do this with Enterasys switches ?

You probably want active-backup mode.
Here is the documentation:

http://www.linuxfoundation.org/collaborate/workgroups/networking/bonding

From: pk on 25 Mar 2010 12:16

---

Bruce Richardson wrote:

> the pair fails). Really, if you want to connect to multiple switches
> for redundancy, you want not bonding but bridging, with switches that
> support spanning tree. What you do then is create a bridged interface,
> add the individual interfaces to the bridge, activate spanning tree on
> the bridge (and on all your switches) and let spanning tree decide which
> interface to use. This is the most resilient solution because the
> spanning tree protocol will detect the situation where your host is
> connected to an isolated switch and switch to using the other link, to
> the switch which is still properly connected.
>
> Since you should be using spanning tree in any resilient network with
> multiple switches, I'd recommend the bridge approach. Of course, you
> could have four interfaces (two dual port NICs, say), create two bonded
> interfaces (with each bond connecting to only one switch) and then add
> those two interfaces to a bridge. That would be belt and braces and an
> extra pair of trousers just in case.

The problem with bridging is that failover time is in the order of 30
seconds or so since linux bridging does not support anything else than plain
old STP (ie, no RSTP etc.). Of course the STP parameters can be tuned, but
you must know what you're doing, and you still can't get less than a few
seconds failover time.

Active-backup bonding, on the other hand, can failover in hundredths of
second with no special configuration.

But I agree with most of what you said, and I think the OP should choose
what he thinks is best for him.

From: Sidney Lambe on 25 Mar 2010 13:00

---

On comp.os.linux.networking, Bruce Richardson <itsbruce(a)uklinux.net> wrote:
> NNTP-Posting-Date: Thu, 25 Mar 2010 11:08:12 -0500
> Newsgroups: comp.os.linux.networking
> From: Bruce Richardson <itsbruce(a)uklinux.net>
> Subject: Re: bonding with two switches
> References: <hofr49$9vr$1(a)news2.dtag.de> <hofp39$r24$1(a)speranza.aioe.org>
> Organization: haphazard
> Reply-To: itsbruce(a)uklinux.net
> X-No-Archive: Yes
> User-Agent: slrn/pre0.9.9-111 (Linux)
> Mime-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: 7bit
> Message-ID: <slrnhqn1uq.65k.itsbruce(a)store.bruce>
> Date: Thu, 25 Mar 2010 15:57:30 +0000
> Lines: 53
> X-Usenet-Provider: http://www.giganews.com
> NNTP-Posting-Host: 195.137.89.217
> X-Trace: sv3-POK3U/FxFTpho8bU05FRwiPiTlPO8whzuF5c3oZ3fAl1YZal69O7omq/q1zaZKB1RKrRwKX9zl++1sM!EwaHO99nD3tmEPv9WhCqj1IGoQCiHGNwkMlVktVvuTbR+Gc3fytPzhh542hEB5vpyFeKiLzINwOa!PGYuqiestdeo+h7bshfinsk=
> X-Complaints-To: abuse(a)dsl.pipex.net
> X-DMCA-Complaints-To: abuse(a)dsl.pipex.net
> X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
> X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
> X-Postfilter: 1.3.40
> Path: x-privat.org!news.glorb.com!news2.glorb.com!postnews.google.com!news1.google.com!Xl.tags.giganews.com!border1.nntp.dca.giganews.com!nntp.giganews.com!local2.nntp.dca.giganews.com!nntp.pipex.net!news.pipex.net.POSTED!not-for-mail
> Xref: news.x-privat.org comp.os.linux.networking:18150
>


> pk <pk(a)pk.invalid> wrote:
>
>> Andreas Moroder <andreas.moroder@[nospam]sb-brixen.it> wrote:
>>
>>> Hello,
>>>
>>> is it possible to activate bonding with the two NICs of a
>>> server connected to two different switches ?
>>>
>>> Are there special protocols the switch must support to let me
>>> do this ?
>>>
>>> Is there documentation on how to do this with Enterasys
>>> switches ?
>>
>> You probably want active-backup mode.
>
> It's the simplest way to configure it, in the desired solution,
> but there can be problems. Active-backup over two switches is
> fine *as long as you never see a cable failure*. As soon as
> the active link fails, any device which was connected to the
> same switch is going to fail to connect to anything until the
> switch decides it no longer has a connection to the relevant
> mac address, because the switch will not try forwarding any
> ethernet frames to other switches until then. This is something
> you should test.
>
> Active-backup can also be a problem if the connection between
> the host and the switch is fine, but the switch loses
> connectivity to other parts of your network. The result is an
> isolated host, happily remaining connected to a switch that
> can't forward its traffic on.
>
> Bonding is best used to connect to a single switch, or to
> paired switches of the kind which can be piggy-backed together
> to act as one single logical switch (but which continue to
> function if one switch in the pair fails). Really, if you
> want to connect to multiple switches for redundancy, you want
> not bonding but bridging, with switches that support spanning
> tree. What you do then is create a bridged interface, add the
> individual interfaces to the bridge, activate spanning tree on
> the bridge (and on all your switches) and let spanning tree
> decide which interface to use. This is the most resilient
> solution because the spanning tree protocol will detect the
> situation where your host is connected to an isolated switch
> and switch to using the other link, to the switch which is
> still properly connected.
>
> Since you should be using spanning tree in any resilient
> network with multiple switches, I'd recommend the bridge
> approach. Of course, you could have four interfaces (two dual
> port NICs, say), create two bonded interfaces (with each
> bond connecting to only one switch) and then add those two
> interfaces to a bridge. That would be belt and braces and an
> extra pair of trousers just in case.
>
> -- Bruce
>
> I see a mouse. Where? There, on the stair. And its clumsy
> wooden footwear makes it easy to trap and kill. -- Harry Hill

For some reason this fellow uses the X-No-Archive: yes header.
And he's way out of line.
Looks like a post that should be in the archives to me.

Sid

From: Rick Jones on 25 Mar 2010 13:13

---

Bruce Richardson <itsbruce(a)uklinux.net> wrote:
> pk <pk(a)pk.invalid> wrote:
> > You probably want active-backup mode.

> It's the simplest way to configure it, in the desired solution, but
> there can be problems. Active-backup over two switches is fine *as
> long as you never see a cable failure*. As soon as the active link
> fails, any device which was connected to the same switch is going to
> fail to connect to anything until the switch decides it no longer
> has a connection to the relevant mac address, because the switch
> will not try forwarding any ethernet frames to other switches until
> then. This is something you should test.

The switches need to be in the same broadcast domain right? If there
is a gratuitous ARP on the failover, won't that propagate around and
cause the switch in question to relearn where that destination MAC
resides (assuming the failover preserves the MAC rather than causes a
new IP-MAC translation)

> Active-backup can also be a problem if the connection between the
> host and the switch is fine, but the switch loses connectivity to
> other parts of your network. The result is an isolated host,
> happily remaining connected to a switch that can't forward its
> traffic on.

Wouldn't that that also be an issue for active-active?

rick jones
--
a wide gulf separates "what if" from "if only"
these opinions are mine, all mine; HP might not want them anyway... :)
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...

 |  Next  |  Last
Pages: 1 2
Prev: How long before alternate gateways and DNS servers kick in?
Next: Inner workings of libpcap