Duplicate Bridge ID KVM

Latest response

Hi
I have realized once I finish creating the bridges , duplicated bridge IDs appear on brctl show:

bridge name  bridge id           STP enabled  interfaces
br10         8000.00505636bba0   no           bond0.10
br20         8000.00505636bba0   no           bond0.20

tested on RHEL 7.2 & 7.4

I have tired to set up the MAC addresses manually on ifcfg-bond0.10 & ifcfg-bond0.20 then they were shown differently and that is fine.

1- Now my concern: if that is the right modification need to be done or different action ?

2- What is the difference between adding MACADDR and HWADDR in this case ?

3- Will this affect the routing meaning there will be multiple VMs running with multiple interfaces on them ?

4- When do we need to enable STP noting these servers are connected to upstream Switches which they should manage the STP ?

Thanks in advance and apologies for the long list questions

AA
Log in to join the conversation

Responses

Jamie Bainbridge's picture Red Hat Guru 7257 points
1 April 2018 10:49 PM

The bridge id shown is the bridge MAC. The bridge inherits the MAC of the first device enslaved to it, and a VLAN interface gets the same MAC as its parent. As both VLAN devices have the same parent bond0 you'll get the same MAC populated up.

However, both bridges are in a different broadcast domain so there should no problem with having those interfaces with the same MAC. Everything should be fine as-is.

You can set a different MAC with MACADDR if you like, just make sure to set the locally administered bit to show that you made up the MAC address yourself.

You wouldn't use HWADDR here. That is used to identify underlying devices for device naming in some situations, for example a physical NIC has MAC aa:aa:aa so you could set HWADDR="aa:aa:aa" in ifcfg-ethX to ensure that the right device gets the right name.

MACs are not involved in routing.

I don't quite understand your last question, but if needed you can set STP priority using a command like brctl setbridgeprio br10 50000 or with BRIDGING_OPTS="priority=50000" in ifcfg-brX files. The STP root should have a low STP priority already so that other device default configs do not take over the root role.

AA Community Member 94 points
2 April 2018 4:48 PM

Thanks Jamie for valuables inputs as usual, so you mentioned "both bridges are in a different broadcast domain" which is a relieving. I am just worried if it will affect the traffic flow or which traffic should go where. if I deal with multiple interfaces. for example I still need to add one more bridge for another VLAN. so it will be: bond0.10 > br10 bond0.20 > br10 bond0.30 > br30 KVM

VM1 eth1 > br10 - one interface VM2 eth 1 >br10 eth2 > br20 - two interfaces you are right after doing show commands, it turns out they are all taking the same Bridge ID (inherited) so I hope this works fine. or please advice if you have comment on this setup.

for the STP I meant if the server (host) connected to uplink switches and these switches take care of STP, then they should be set to no. Not sure . my question when it is need to set for no or yes inside a bridge as default it should be no =0

Thanks :)

Jamie Bainbridge's picture Red Hat Guru 7257 points
2 April 2018 11:14 PM

The setup you describe is fine, there are many other KVM and RHV environments operating the exact same way.

If you want the bridges to participate in STP then you need to enable STP. I can't tell you whether to enable it or disable STP, that's a decision specific to your environment.

If you manage to make a switching loop then it's your organization's internal network team who will be troubleshooting it, so if you are unsure then I'd check their usage policy regarding connecting switches to the existing network or ask the network team what they would prefer.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.